[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Solaris User Account Management

I'll try to answer some of these...

On Wed, 2003-07-30 at 20:55, Joe Gainey wrote:
> I've got what should be a fairly typical situation.  I've got about 500 
> or so boxes that are divided into various and sometimes overlapping 
> departments.  I'm looking to figure out if LDAP will solve my user 
> managment woes, so if anyone could answer the following questions and 
> supply any URL's referencing the answer I would really appreciate it.
> All of these apply to a Solaris 8/9 envirionment
> 1.  Can OpenLDAP be used for login in authentication and authorization?

authentication definitely - done that.

> 2.  Can users be added with accounts on specific groups of machines?
> 3.  Can users be added with an account on a specific machine?
> 4.  Can users be added with different home directories on different 
> groups of machines?
> 5.  Can standard solaris password aging and rules be applied to user 
> accounts?

solaris *requires* the use of shadowaccount objectclass (so you'll need
to adjust the migration script).

> 6.  Can solaris be configured using the OpenLDAP and/or native LDAP 
> clients to use TLS/SSL encryption?

never got the padl stuff to work happily with solaris but the native
stuff works fine for simple encrypted authentication.

> 7.  Does using TLS/SSL encryption mean that account is protected from 
> network sniffers?

yes, better than linux in my opinion as the autofs stuff is encrypted as

> Anyone got any experience with any of those?  All comments responces 
> welcome.

as someoneelse said - check out the archives, quite a few people running
solaris clients and servers.

> Joe
Greg Matthews
iTSS Wallingford	01491 692445