Hi Craig,
Hi,
Has anyone successfully deployed OpenLDAP for central auth in a very mixed unix environment? With Host based access control? Plus any documentation would be really great.
My needs;
- Central Auth
- Host based access control (e.g. user "John" from group "accounts" can't log into "development servers").
- Caching for Client logins on laptops. I figure SSSD will be useful here?
- Encryption (This looks pretty straightforward in the OpenLDAP 2.4 doco)
Client OS's involved;
- Solaris 9/10
- Fedora 15/16
- CentOS 5/6
cya
Craig
A solution which will cover most of your needs is in production here:
Central Auth
Client OS's:
- Solaris 9/10 (working on 11)
- HPUX 11.x
- AIX 5/6
- Fedora/Redhat
Host based access control:
- nis-netgroups for hosts
- nis-netgroups for users
- members of user-netgroup 'oracle_dba' can log into machines from host-netgroup 'oracle_db_server'
Role based access control:
- sudo profiles for each role
- sudoUser by user-netgroups (example: 'oracle_dba')
- sudoHost by host-netgroups (example: 'oracle_db_server')
Encryption: tls/ssl
Pretty much straightforward from standard docs.
Juergen Sprenger
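
The user-netgroup plus host-netgroup check described in the reply above, as an added example that is not part of the original thread. It models netgroup(5) triple semantics (an empty field is a wildcard, "-" matches nothing) with nested groups; only the netgroup names 'oracle_dba', 'oracle_db_server' and 'accounts' come from the thread, while all user names, host names and the nested group are constructed.

```python
import re

# Constructed directory data (not from the thread): netgroup name ->
# (nisNetgroupTriple values, memberNisNetgroup values), RFC 2307 style.
NETGROUPS = {
    "oracle_dba": (["(,alice,)", "(,bob,)"], ["oracle_dba_oncall"]),
    "oracle_dba_oncall": (["(,carol,)"], ["oracle_dba"]),  # deliberate cycle
    "oracle_db_server": (["(db01.example.com,,)", "(db02.example.com,-,)"], []),
    "accounts": (["(,john,)"], []),
}
TRIPLE = re.compile(r"^\(([^,()]*),([^,()]*),([^,()]*)\)$")


def parse_triple(text):
    """Split '(host,user,domain)' into its three fields."""
    m = TRIPLE.match(text.strip())
    if not m:
        raise ValueError(f"malformed netgroup triple: {text!r}")
    return tuple(f.strip() for f in m.groups())


def field_matches(field, value):
    """Empty field is a wildcard, '-' matches nothing, else exact compare."""
    return field == "" or (field != "-" and field == value)


def innetgr(group, host=None, user=None, seen=None):
    """Like innetgr(3): an argument left as None is not tested."""
    seen = set() if seen is None else seen
    if group in seen or group not in NETGROUPS:
        return False  # cycle or unknown group: fail closed
    seen.add(group)
    triples, nested = NETGROUPS[group]
    for t in triples:
        h, u, _domain = parse_triple(t)
        if (host is None or field_matches(h, host)) and \
           (user is None or field_matches(u, user)):
            return True
    return any(innetgr(n, host, user, seen) for n in nested)


def login_allowed(user, host, user_group, host_group):
    """Allow only if user is in the user-netgroup AND host is in the host-netgroup."""
    return innetgr(user_group, user=user) and innetgr(host_group, host=host.lower())
```

Note that `innetgr("oracle_db_server", user="john")` is true here because the `db01` triple leaves the user field empty; putting "-" in the unused field, as the `db02` triple does, keeps a host-netgroup from matching users if it is ever referenced in the wrong place.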