Hi Sorin we use here LDAP authentication and mail-control since more than 10 years. At that time, we did the conversion from passwd/shadow to LDAP using the tools on http://www.padl.com/download/ which are still available, probably in a newer version...
To represent a person or a service in LDAP we use the objectclasses: objectClass: account objectClass: posixAccount objectClass: top objectClass: shadowAccount objectClass: mailRecipient
To represent a mail user for postfix we use the objectlcasses:
objectClass: top objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson objectClass: qmailUser
To represent a Domain which we serve mail-wise we use the objectclasses: objectClass: qmailControl objectClass: top
We also have developed an LDAP via Web Interface, which we use exclusively for LDAP administration.
We have two LDAP servers, syncronized via syncrepl.
suomi
On 2014-01-28 10:02, Sorin Srbu wrote:
Hi all,
We're getting to a point in our linux environment where it's starting to be cumbersome to keep shadow and passwd-files up-to-date for the users to login on each computer. Scripts can only get us so far. 8-/
I've looked a bit into central login systems for linux, and NIS and LDAP seem to be prevalent. NIS being the simpler-to-setup solution for small to medium networks as I understand it, while LDAP is the more modern and scalable solution. See eg http://www.yolinux.com/TUTORIALS/NIS.html or http://sysadmin-notepad.blogspot.se/2013/06/nis-server-setup-on-rhelcentos.h....
NIS-wise, what is a "small to medium network"? We have currently about 20-30'ish linux clients and servers, and the environment is not likely to increase much beyond this point. Is a 30ish-computer setup, a small network?
The only thing I'm trying to accomplish is a system which will allow me to keep user accounts and passwords in one place, with one place only to administrate. NIS seems to be able to do that.
Comments and insights are much appreciated!
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos