[CentOS] user management solution needed

Wed Nov 4 22:16:13 UTC 2009
Craig White <craigwhite at azapple.com>

On Wed, 2009-11-04 at 17:01 -0500, Brian Mathis wrote:

> 
> In my extremely limited experience with LDAP, it seem that the problem
> is not "LDAP" itself, but how to structure it.  Most howtos walk you
> through installing whatever software, and then say "OK, now you have
> LDAP!"
> 
> The problem is that LDAP is useless without a structure and data
> inside of it.  You are usually left with a blank canvas after the
> install is complete.  It's a very daunting task to start sticking
> things in there without any guidance on the best way to structure it,
> especially since this is supposed you be the be-all end-all directory
> of everything and anything you do wrong now you need to live with for
> your entire life.
> 
> One argument is that everyone has different requirements, but there's
> got to be some kind of reasonable default that could be used for
> setting up something like distributed password auth.  As you mention,
> Active Directory does this, and maybe a structure like that is a
> reasonable default to recommend/include for people who don't need to
> fully architect a directory structure for a global company.
----
The structure is simple if you understand LDAP and horrifically
confusing if you don't understand LDAP.

If you use CentOS-DS or Fedora-DS, they are opinionated enough upon
initial setup to give you a predefined structure so I am not sure where
the problem lies except that you still don't understand LDAP so it is of
little use.

>From it's conception, LDAP was not designed to do user authentication.
It happens to work and it can work well and each office/network has its
own requirements. I myself have done things differently most times I
have set it up for a company...no big deal except that I had to learn
how it worked. It's amazing the amount of justification that people can
come up with for not learning how technology works.

Craig


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.