[Date Prev][Date Next] [Chronological] [Thread] [Top]

NSS/PAM_LDAP Management

Hello all,
	I am in the process of evaluating the usage of nss/pam_ldap for a
5-6 thousand user Linux network. I have everything working just peachy by
using RedHat 6.2 and the stock OpenLDAP/nss/pam_ldap modules that come
	I have a couple of questions that I need to have a clear answer on
before I commit to using this. I figured that this was the place to ask!

1. How does one create new accounts? I.E. Is there a set of utilities that
   provide the same functionality as "useradd" and "userdel" from the
   command line? I've been using LDAPXplorer under PHP-3 to create
   accounts, but that does not create home directories, figure out group
   mappings and the like. How do you guys do it?

2. When I attempt to change a password from the command line now, I get
   th following dialog. Any pointers would be helpful..

[root@tori openldap]# passwd
New UNIX password:
Retype new UNIX password:
Enter login(LDAP) password:
New password:
Re-enter new password:
LDAP password information update failed: Insufficient access
passwd: all authentication tokens updated successfully

3. Any performance issues to be concerned about with 5,000 entries?