[Fedora-directory-devel] Does FDS 7.1 support RFC2307 ?
T.J. Yang
tj_yang at hotmail.com
Wed Aug 24 13:33:38 UTC 2005
>From: Keith Sharp <kms at passback.co.uk>
>Reply-To: kms at passback.co.uk,"Fedora Directory server developer
>discussion." <fedora-directory-devel at redhat.com>
>To: fedora-directory-devel at redhat.com
>Subject: Re: [Fedora-directory-devel] Does FDS 7.1 support RFC2307 ?
>Date: Wed, 24 Aug 2005 14:15:43 +0100
>
>On Wed, 2005-08-24 at 07:11 -0500, T.J. Yang wrote:
>
> > Reading RFC 2307 Section 5.1 and 5.2 but it is still vague for me.
> > Which OS and which software module has Secction 5.2 functions
>implemented ?
>
>I have done a degree of NIS replacement (passwd, group and automount
>entries) using the Fedora Core Linux operating system as both the client
>and the server. The LDAP server I used was OpenLDAP.
>The functions in section 5.2 are normally implemented in the standard
>libc library. On Fedora Core that is glibc, and the implementation uses
>the files /etc/nsswitch.conf to determine which directory to use to
>lookup information: files, NIS, LDAP, etc. For authentication you may
>also need to configure the PAM system to use LDAP. Fedora Core provides
>a utility called system-config-authentication that has a simple GUI for
>configuring these systems.
>
I played with LDAP authentition a while back. I was quite happy I could have
a ftp server(proftpd ?) setup to use ldap auth. I went on to pursure
telnet
authentication. after helps from others, I was able to setup a
RH9 box to authenticate user from my corporate ldap account. but the
catch is before ldap user can login, I need to create that same ldap account
locally
in /etc/passwd file. This sort of beat the purpose of ldap auth. I havn't
pursue
this for about two years, Is RHEL3/4 still require the inseration of user
entry
into /etc/passwd ?
My goal is to have configure a Unix box to allow telnet/ssh login from
users
with a valid ldap account.Also I like to restrict the login access base on a
ldap user's group.
tj
>Support on other operating systems and libc implementations will vary,
>you should contact the vendors or appropriate support groups for those
>operating systems.
>
>Keith.
>
>--
>Fedora-directory-devel mailing list
>Fedora-directory-devel at redhat.com
>https://www.redhat.com/mailman/listinfo/fedora-directory-devel
More information about the Fedora-directory-devel
mailing list