[Date Prev][Date Next]
Unified login with Novell eDirectory and OpenLDAP servers?
I am looking into the possibility of having a single account per user
stored on LDAP servers that will work on Windows (via Novell
Netware/eDirectory) and Solaris/Linux via OpenLDAP.
Does anyone have any experience of doing this without using Novell's
Account Management components (which handle the PAM authentication under
Solaris/Linux and also cost lotsa money)? Is this practical replicating
on or more OpenLDAP servers with an eDirectory server? Currently all our
unix accounts are handled by NIS+ but I will probably create all the
accounts again from scratch once I work out how to progress.
I have an OpenLDAP server (2.0.23) successfully running securely with
OpenSSL (0.9.6c) and with a cursory glance at the eDirectory
configuration under Netware 6 I can see that it supports SSL as well. If
I integrate the NDS schema into the OpenLDAP server as well as the NIS
that is already present I am hoping that the two will be able to
communicate correctly. I know the attribute userPassword is used to
store the Solaris/Linux password, but i couldn't find anything similarly
named for the Netware user password so I'm guessing it has a cryptic
name. I expect I would still need to keep both of these disparate
password fields and then synchronise them transparently to the user each
time they modify their password.
Alternatively is it possible to use the PADL PAM/NSS libraries to
replace the Novell Account Management components?
Any suggested reading material or pointers to information that will help
me decide if this is a viable project?
I apologise for some of these questions not being directly related to
OpenLDAP but I know someone here will have the knowledge to get me
All help much appreciated.
Software Support Officer
Faculty of Engineering and Information Sciences
University of Hertfordshire, College Lane, Hatfield
Hertfordshire AL10 9AB
Phone: +44 (0)1707 286297 E-Mail: email@example.com
Fax: +44 (0)1707 286298 WWW: http://www.mross.co.uk/work