m.roth@5-cent.us wrote:
OK, google comes up with what looks like some easy HOWTOs for LDAP
I'll dig in and come back with questions as required
Don't believe it.
The fall of '06, my manager and the other admin and I were discussing what to use for single sign-on. NIS has way too many holes, and no one was wild about NIS+, so, though none of us had dealt with it before, I though LDAP was the wave o' the future, and offered to implement it. A month
or so
later, and *lots* of grief and hair tearing (and I ain't got none to spare), I got it in. openLDAP's docs were *way* insufficient, and the tools that come with it are *not* ready for prime time, and user-surly, to say the least.
It works, though.
Is the recently packaged IPA server a better starting point?
http://lists.centos.org/pipermail/centos/2009-October/083023.html
Don't know - I rolled off that job over a year ago, and haven't had to set it up since. The last thing I did, a few months before leaving, was to upgrade from 2.2 to 2.3, to add policy, for password aging and so that users could change their own password.
mark