OT: NIS to LDAP/AD advise
bryan
bryan at redfedora.co.uk
Sat Jun 26 09:11:52 UTC 2010
On 25/06/2010 23:21, Jamie Bohr wrote:
> Hello All,
>
> Sorry this is off-topic but I would like some advise from this list
> and possibly get an understanding of what other large organizations
> are doing for UNIX/Linux authentication management.
>
> I am a Senior Administrator for 3000 UNIX/Linux based devices ranging
> from HP-UX 10.20-11.31, Solaris 8-10 and RHEL 3-5 at 40 different
> sites. Most are using NIS for authentication (separate NIS domains)
> and the AMD (am-utils) automounter. I would like to move
> authentication to LDAP (AD would be better) but before I invest a lot
> of time and effort I would like advise from this list on what
> direction I should go.
> Because some of the devices are NOT capable of using LDAP (or AD) for
> authentication I will need to keep NIS around until they can be
> removed from the environment. If I move to LDAP I would like as much
> put into LDAP as possible including Netgroup, automounter maps and
> sudo permissions.
>
> A few questions:
>
> 1. Do you manage a multi-site, multi-geography environment using LDAP?
> 1. If so, what LDAP version do you use?
> 2. Do you keep automounter maps in LDAP?
> 3. Do you keep netgroups in LDAP?
> 4. Do you have SUDO information in LDAP?
> 5. Do you support OSes other than Linux with LDAP?
> 1. If so, what OSes and version, i.e.: HP-UX 11.23, ...
> 2. Would Fedora Directory server, FreeIPA or something else be the
> way to go?
> 3. Any advice on resolving over lapping UIDs/GIDs?
> 4. Have anyone used Likewise (or something like it) to authenticate
> of an AD domain?
>
> --
> Jamie Bohr
Hi
Might be worthwhile asking on http://directory.fedoraproject.org/ Rich
Megginson has been doing ldap things since the year dot, so would
probably be able to give you some pointers.
Bryan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.fedoraproject.org/pipermail/users/attachments/20100626/735b1fec/attachment.html
More information about the users
mailing list