Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: LDAP authentication question
Special Forums Cybersecurity LDAP authentication question Post 302184636 by melias on Saturday 12th of April 2008 07:47:42 AM
Old 04-12-2008
re: LDAP
If you have multiple servers and require a central sign-on method across all server, then LDAP makes your life a lot easier. You only have one repository of user accounts (and passwords) that all configured servers authenticate against. You can store other details within the LDAP (Microsoft's Active Directory is an example of LDAP and what it can store).

As such, LDAP itself doesn't really provide any more security than a system which is configured for local user accounts - it's main benefit is in reducing the amount of time required to administer multiple servers.

You configure your server to authenticate with LDAP first, but your system still needs to authenticate locally in case network issues cause connection problems with your LDAP server.

Without knowing what O/S your server is running, it a little hard to provide more detail. And LDAP installation and configuration, whilst not too difficult, is still not a quick and simple task. There are plently of tuturials on the web - there's sure to be one for your specific system.

Hope this helps a little..
Last edited by melias; 04-12-2008 at 08:54 AM..
 

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Module for LDAP Authentication

Hello Everyone, I have enabled LDAP authentication on my Web script by adding the list of valid users in /etc/apach2/default-server.conf. However, I now want to retrieve the username of the person that logs in. How can I do that? Is there any such module? Regards, Harsha (0 Replies)
Discussion started by: garric
0 Replies

2. UNIX and Linux Applications

LDAP authentication question

Hello, I have a Linux box with RHEL4 running on it. The box is meant to be on the DMZ. There is a directory on the box that will be remotely from time to time and I want a form of authentication on it. Presently, I have configured Basic authentication with apache but the security is not tight. I... (1 Reply)
Discussion started by: bptronics
1 Replies

3. Linux

LDAP authentication question

Hello, I have a Linux box with RHEL4 running on it. The box is meant to be on the DMZ. There is a directory on the box that will be remotely from time to time and I want a form of authentication on it. Presently, I have configured Basic authentication with apache but the security is not tight. I... (1 Reply)
Discussion started by: bptronics
1 Replies

4. HP-UX

HpUx and ldap Authentication

Hi to all, i try to configure an HpUx 11.23 to use a Sun Directory Server to authenticate in system. In my ldap the users is posixAccount. I read in www that there is a sotware called LDAPUX but it use a profile, and it requires a change that i can't execute in my ldap because it is used also... (0 Replies)
Discussion started by: suuuper
0 Replies

5. UNIX for Advanced & Expert Users

LDAP Authentication AND Authorization

I see a lot of thread on LDAP Authentication but I want to enable LDAP Authentication with Authorization. Meaning, removing the user ID's and groups from the local servers and move them to an LDAP server. When a user logs in (via LDAP) they will be given their group memberships and access to the... (3 Replies)
Discussion started by: scottsl
3 Replies

6. Red Hat

CVS ldap authentication

I am trying to convert all my redhat servers over to ldap. I have solved almost all the probems but am having trouble getting cvs pserver to authenticate. I'm running redhat 4. Just patched everything the other day. cvs is cvs-1.11.17-9.1.el4_7.1. Any suggestions would be welcome. Obviously... (1 Reply)
Discussion started by: jhtrice
1 Replies

7. Solaris

LDAP authentication

Hi folks, i have opends 1.2 manually installed subversion 1.4.3 and apache2 updated by package manager. i want to access svn using LDAP authentication its giving an error: ldap_simple_bind_s() failed. what could be the problem. i wrote some text at the end of httpd.conf fpr ldap... (2 Replies)
Discussion started by: visu_buri
2 Replies

8. Solaris

Authentication with LDAP in opensolaris

Hi all, I have two virtual machines, one with Suse and another with opensolaris 2009.06. The ldap server is in the Suse machine. From my opensolaris, with command ldalist i can see the information about the ldap configuration, i mean, the dn: ou:.... if i type id <ldapuser> i can see the user... (0 Replies)
Discussion started by: checoturco
0 Replies

9. AIX

LDAP authentication

Hi, We are trying to use LDAP to authenticate the login from our application. Our application is installed on AIX 6.1 and LDAP server is on active directory windows 2003. We are getting the below error when we try to login. We have the required lib file in the path it is looking for. Any idea... (3 Replies)
Discussion started by: Nand1010_MA
3 Replies

10. Emergency UNIX and Linux Support

LDAP and AD Authentication Query

Hi Friends, I have below scenarios . dom1.test.com - LDAP dom2.test.com - AD Requirement is establish a trust relation between LDAP and AD server in such a way that if any user login on LDAP managed authentication server with dom1\username -> get authenticated by LDAP host ... (2 Replies)
Discussion started by: Shirishlnx
2 Replies

LEARN ABOUT PLAN9

securenet

SECURENET(8)						      System Manager's Manual						      SECURENET(8)

NAME

       securenet - Digital Pathways SecureNet Key remote authentication box

DESCRIPTION

       The  SecureNet  box is used to authenticate connections to Plan 9 from a foreign system such as a Unix machine or plain terminal.  The box,
       which looks like a calculator, performs DES encryption with a key held in its memory.  Another copy of the key is kept on  the  authentica-
       tion server.  Each box is protected from unauthorized use by a four digit PIN.

       When  the  system requires SecureNet authentication, it prompts with a numerical challenge.  The response is compared to one generated with
       the key stored on the authentication server.  Respond as follows:

       Turn on the box and enter your PIN at the EP prompt, followed by the ENT button.  Enter the challenge at Ed  prompt,  again  followed  ENT.
       Then  type  to Plan 9 the response generated by the box.  If you make a mistake at any time, reset the box by pressing ON.  The authentica-
       tion server compares the response generated by the box to one computed internally.  If they match, the user is accepted.

       The box will lose its memory if given the wrong PIN five times in succession or if its batteries are removed.

       To reprogram it, type a 4 at the E0 prompt.

       At the E1 prompt, enter your key, which consists of eight three-digit octal numbers.  While you are entering these digits, the box displays
       a  number  ranging  from 1 to 8 on the left side of the display.  This number corresponds to the octal number you are entering, and changes
       when you enter the first digit of the next number.

       When you are done entering your key, press ENT twice.

       At the E2 prompt, enter a PIN for the box.

       After you confirm by retyping the PIN at the E3 prompt, you can use the box as normal.

       You can change the PIN using the following procedure.  First, turn on the box and enter your current PIN at the EP prompt.  Press ENT three
       times; this will return you to the EP prompt.  Enter your PIN again, followed by ENT; you should see a Ed prompt with a - on the right side
       of the display.	Enter a 0 and press ENT.  You should see the E2 prompt; follow the instructions above for entering a PIN.

       The SecureNet box performs the same encryption as the netcrypt routine (see encrypt(2)).  The entered challenge, a decimal number between 0
       and  100000,  is  treated  as a text string with trailing binary zero fill to 8 bytes.  These 8 bytes are encrypted with the DES algorithm.
       The first four bytes are printed on the display as hexadecimal numbers.	However, when set up as described, the box does not print hexadec-
       imal  digits greater than 9.  Instead, it prints a 2 for an A, B, or C, and a 3 for a D, E, or F.  If a 5 rather than a 4 is entered at the
       E0 print, the hexadecimal digits are printed.  This is not recommended, as letters are too easily confused with	digits	on  the  SecureNet
       display.

SEE ALSO

       encrypt(2), auth(2)
       Digital Pathways, Mountain View, California

BUGS

       The box is too clumsy.  If carried in a pocket, it can turn itself on and wear out the batteries.

																      SECURENET(8)
All times are GMT -4. The time now is 11:15 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy