[CentOS] User accounts management for small office

Thu Apr 21 18:55:26 UTC 2011
aurfalien at gmail.com <aurfalien at gmail.com>

On Apr 21, 2011, at 11:51 AM, m.roth at 5-cent.us wrote:

> Jeff Boyce wrote:
>> Greetings -
>> This may be a little off-topic here so if someone wants to point me  
>> to a
>> more appropriate mailing list I would appreciate it.
> <snip>
>> The issue that I would like to be able to resolve when the new  
>> server is
>> installed, is that currently if a user wants to change the password  
>> on
>> their Windows workstation, I have to manually update that new  
>> password
> on the
>> Linux user account, and also manually change the Samba user account.
>> Manually updating the password in three different locations is a  
>> minor
>> headache that I would like to correct.  I have been researching and
> <snip>
> You *could* do it with openldap, with the WinDoze boxen authenticating
> through that. Now, I'll warn you that though it may have improved, a  
> few
> years ago, openldap was a nightmare to configure, the documentation
> dreadull where it wasn't almost useless, and googling involved a  
> *lot* of
> searching.

Yes, agreed OpenLDAP is my suggestion as well.

As for Windows clients, you can either do;

Samba/LDAP tie in so that your LDAP domain also function as a PDC.

Or you can use pGina which is a Windows LDAP plugin that allows your  
Windows clients to auth direct to LDAP w/o the need to join a PDC first.

I prefer pGina but its not for every one.

- aurf