[wellylug] LDAP info
nic
nic at tymar.com
Tue Sep 18 04:35:13 NZST 2007
There's a bunch of users with Windows desktops, a Windows 2003 server, a Linux box with
postfix and squid, people currently have separate passwords for logging on to Windows, in
to mail, and on to squid. In addition some people have passwords for specialised network
devices, and/or browser-based apps on some apache servers (typically written in PHP or
Python, with source available), PPTP access and probably a million other things I've
forgotten.
LDAP is the thing that comes to mind when I think about ways of trying to manage this
complexity and move towards a single sign on, (preferably using PKI rater than passwords,
but that's another step). Trouble is, I don't really even know the questions to ask to get
me on the way, hence the ill-defined nature of the original post.
Does LDAP sound like the right type of tool to use in this case? Is it better to use the
Windows AD LDAP, or a separate server? Am I being naive in thinking it would be possible
to get down to a single authentication system and a single password/key for the majority
of users? has anyone out there done this sort of thing and are they willing to sell/give
some advice?
Nic
Cliff Pratt wrote:
> nic wrote:
>> Hi people
>>
>> What's a good book (or other info) on how to implement LDAP for
>> enterprise authentication? I'm particularly interested in how to tie
>> it in with Windows
>>
> Windows Active Directory contains an LDAP server. Do you want to use
> that for authentication? Or do you want to authenticate Windows users
> using LDAP in a workgroup situation?
>
> Cheers,
>
> Cliff
>
>
More information about the wellylug
mailing list