Hi Team,
I am on the look out for free support and advise. I have implemented a basic LDAP server such that it authenticates for my mail server. However this time I have been given a project wherein my LDAP works as an authentication server for user login as well as mails. Also it should have policies while authentication viz. it should disable USB ports for the user, it should set a background wallpaper and screensaver which should start within 20 secs. of the PC's idle time. It should also if possible mount automatically a partition which will be user dependent rather that PC dependent.
I hope your getting the picture for which i require your assistance. This is the first time I am working on such a setup. I would appreciate your valuable help and guidance in resolving and setting up an LDAP server as per requirement.
Thanking you in advance for your guidance.
Thanks and Regards Santosh Balan +91-9819419509
----- Original Message ----- From: "Andrew Findlay" To: "Santosh Balan" Cc: openldap-technical@openldap.org Subject: Re: Setting up LDAP server Date: Wed, 22 Apr 2009 11:09:40 +0100
On Wed, Apr 22, 2009 at 03:05:56AM -0500, Santosh Balan wrote:
Can anyone help me on implementing and configuring LDAP server to authenticate users with system policies and auto mount a user's
partition
provided to him. Also, I want it to authenticate qmail users using
LDAP.
Are you looking for paid support? Several of us on this list are in the business of determining client requirements then designing and building solutions to fit, so I am sure you would get offers if you were to ask for that service.
On the other hand, if you want free advice then I think you will have to do more of the basic research yourself so that you can ask more specific questions. There are lots of papers and guides on the web that will help to get you started. Here is a pointer to some of mine:
http://www.skills-1st.co.uk/dir/
Andrew -- ----------------------------------------------------------------------- | From Andrew Findlay, Skills 1st Ltd | | Consultant in large-scale systems, networks, and directory services | | http://www.skills-1st.co.uk/ +44 1628 782565 | -----------------------------------------------------------------------
On Thu, Apr 23, 2009 at 02:41:58AM -0500, Santosh Balan wrote:
I am on the look out for free support and advise. I have implemented a basic LDAP server such that it authenticates for my mail server. However this time I have been given a project wherein my LDAP works as an authentication server for user login as well as mails. Also it should have policies while authentication viz. it should disable USB ports for the user, it should set a background wallpaper and screensaver which should start within 20 secs. of the PC's idle time. It should also if possible mount automatically a partition which will be user dependent rather that PC dependent.
You do not say what operating system you are using.
I think you need to start by looking at the mechanisms available on the target OS to implement these policies. This is much more of an OS issue than an LDAP one. For example, with most Linux distros you can use PAM and NSS modules to link authentication and authorisation to LDAP. Solaris has similar mechanisms, and the *BSD systems too (but they are not identical). I suspect that you will do better to ask about this in OS-specific groups or mailing lists.
Controlling the wallpaper and screensaver will require configuration of the window system: Gnome, KDE and MSWindows all have ways to do this but they are different. It may be possible to link them to LDAP-hosted policies, but again you need to look at the mechanisms first. You cannot just setup some data in an LDAP server and expect it to magically control user desktops.
Once you have identified some control mechanisms you will be able to look at the way they interact with LDAP. This may require new schema, which this group certainly is qualified to discuss.
Andrew
openldap-technical@openldap.org
-
Andrew Findlay -
Santosh Balan