[Date Prev][Date Next]
RE: NSS/PAM_LDAP Management
I'm not an expert on this but I believe you can just use the standard
useradd userdel functions to
add and delete users, and through the integration of LDAP into nss/pam it
will add the user, create
home directory etc. I think the problem you're having with the password is
to do with permissions
on the ldap database, can't remember how to fic it though.
5K+ records shouldn't be any problem what so ever.
I am in the process of evaluating the usage of nss/pam_ldap for a
5-6 thousand user Linux network. I have everything working just peachy by
using RedHat 6.2 and the stock OpenLDAP/nss/pam_ldap modules that come
I have a couple of questions that I need to have a clear answer on
before I commit to using this. I figured that this was the place to ask!
1. How does one create new accounts? I.E. Is there a set of utilities that
provide the same functionality as "useradd" and "userdel" from the
command line? I've been using LDAPXplorer under PHP-3 to create
accounts, but that does not create home directories, figure out group
mappings and the like. How do you guys do it?
2. When I attempt to change a password from the command line now, I get
th following dialog. Any pointers would be helpful..
[root@tori openldap]# passwd
New UNIX password:
Retype new UNIX password:
Enter login(LDAP) password:
Re-enter new password:
LDAP password information update failed: Insufficient access
passwd: all authentication tokens updated successfully
3. Any performance issues to be concerned about with 5,000 entries?