[Date Prev][Date Next]
Re: Authentication/Authorization Recommendations
> I have 2 file and DB servers installed with RH9 (1 is to provide
> redundancy). I do not want to trust the company NT PDC for authentication
> to my servers, and would rather handle all authentication/authorization for
> our servers myself (mainly limited to a single division of the company).
> The environment for the whole house is Windows based (mostly Win98), so
> I'll need to be running Samba for the file sharing aspect. Security from
> the outside world will be provided by the company firewall, but I believe
> I'd still prefer to secure all communications (no plaintext; passwords or
> otherwise). I want OpenLDAP to provide authentication to my servers as
> well as manage groups for authorization to shares. I'd like users to be
> able to manage their own passwords (securely), and all authorization
> handled by LDAP.
> In short, my basic need is to determine how to best configure
> openldap for best security while maintaining easy account management for my
> users. I do not really want to make my own PDC though as most docs dealing
> w/ Openldap and Samba together seem to lean towards. The main area that's
> been boggling me thus far is the function of SASL, and how to choose a
> mechanism to use.
Win98 is the bottleneck, but with W2000 and XP you could use pGina.
Dieter Kluenter | Systemberatung
Tel:040.64861967 | Fax: 040.64891521