Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: LDAP authentication question
Special Forums Cybersecurity LDAP authentication question Post 302184636 by melias on Saturday 12th of April 2008 07:47:42 AM
Old 04-12-2008
re: LDAP
If you have multiple servers and require a central sign-on method across all server, then LDAP makes your life a lot easier. You only have one repository of user accounts (and passwords) that all configured servers authenticate against. You can store other details within the LDAP (Microsoft's Active Directory is an example of LDAP and what it can store).

As such, LDAP itself doesn't really provide any more security than a system which is configured for local user accounts - it's main benefit is in reducing the amount of time required to administer multiple servers.

You configure your server to authenticate with LDAP first, but your system still needs to authenticate locally in case network issues cause connection problems with your LDAP server.

Without knowing what O/S your server is running, it a little hard to provide more detail. And LDAP installation and configuration, whilst not too difficult, is still not a quick and simple task. There are plently of tuturials on the web - there's sure to be one for your specific system.

Hope this helps a little..
Last edited by melias; 04-12-2008 at 08:54 AM..
 

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Module for LDAP Authentication

Hello Everyone, I have enabled LDAP authentication on my Web script by adding the list of valid users in /etc/apach2/default-server.conf. However, I now want to retrieve the username of the person that logs in. How can I do that? Is there any such module? Regards, Harsha (0 Replies)
Discussion started by: garric
0 Replies

2. UNIX and Linux Applications

LDAP authentication question

Hello, I have a Linux box with RHEL4 running on it. The box is meant to be on the DMZ. There is a directory on the box that will be remotely from time to time and I want a form of authentication on it. Presently, I have configured Basic authentication with apache but the security is not tight. I... (1 Reply)
Discussion started by: bptronics
1 Replies

3. Linux

LDAP authentication question

Hello, I have a Linux box with RHEL4 running on it. The box is meant to be on the DMZ. There is a directory on the box that will be remotely from time to time and I want a form of authentication on it. Presently, I have configured Basic authentication with apache but the security is not tight. I... (1 Reply)
Discussion started by: bptronics
1 Replies

4. HP-UX

HpUx and ldap Authentication

Hi to all, i try to configure an HpUx 11.23 to use a Sun Directory Server to authenticate in system. In my ldap the users is posixAccount. I read in www that there is a sotware called LDAPUX but it use a profile, and it requires a change that i can't execute in my ldap because it is used also... (0 Replies)
Discussion started by: suuuper
0 Replies

5. UNIX for Advanced & Expert Users

LDAP Authentication AND Authorization

I see a lot of thread on LDAP Authentication but I want to enable LDAP Authentication with Authorization. Meaning, removing the user ID's and groups from the local servers and move them to an LDAP server. When a user logs in (via LDAP) they will be given their group memberships and access to the... (3 Replies)
Discussion started by: scottsl
3 Replies

6. Red Hat

CVS ldap authentication

I am trying to convert all my redhat servers over to ldap. I have solved almost all the probems but am having trouble getting cvs pserver to authenticate. I'm running redhat 4. Just patched everything the other day. cvs is cvs-1.11.17-9.1.el4_7.1. Any suggestions would be welcome. Obviously... (1 Reply)
Discussion started by: jhtrice
1 Replies

7. Solaris

LDAP authentication

Hi folks, i have opends 1.2 manually installed subversion 1.4.3 and apache2 updated by package manager. i want to access svn using LDAP authentication its giving an error: ldap_simple_bind_s() failed. what could be the problem. i wrote some text at the end of httpd.conf fpr ldap... (2 Replies)
Discussion started by: visu_buri
2 Replies

8. Solaris

Authentication with LDAP in opensolaris

Hi all, I have two virtual machines, one with Suse and another with opensolaris 2009.06. The ldap server is in the Suse machine. From my opensolaris, with command ldalist i can see the information about the ldap configuration, i mean, the dn: ou:.... if i type id <ldapuser> i can see the user... (0 Replies)
Discussion started by: checoturco
0 Replies

9. AIX

LDAP authentication

Hi, We are trying to use LDAP to authenticate the login from our application. Our application is installed on AIX 6.1 and LDAP server is on active directory windows 2003. We are getting the below error when we try to login. We have the required lib file in the path it is looking for. Any idea... (3 Replies)
Discussion started by: Nand1010_MA
3 Replies

10. Emergency UNIX and Linux Support

LDAP and AD Authentication Query

Hi Friends, I have below scenarios . dom1.test.com - LDAP dom2.test.com - AD Requirement is establish a trust relation between LDAP and AD server in such a way that if any user login on LDAP managed authentication server with dom1\username -> get authenticated by LDAP host ... (2 Replies)
Discussion started by: Shirishlnx
2 Replies

LEARN ABOUT CENTOS

pkcsicsf

PKCSICSF(1)							   openCryptoki 						       PKCSICSF(1)

NAME

       pkcsicsf - configuration utility for the ICSF token

SYNOPSIS

       pkcsicsf [-h] [-l|-a token name] [-b BINDDN] [-c client-cert-file] [-C CA-cert-file] [-k privatekey] [-m mechanism] [-u URI]

DESCRIPTION

       The pkcsicsf utility lists available ICSF tokens and allows user to add one specific ICSF token to opencryptoki.

       The ICSF token must be added first to opencryptoki. This creates an entry in the opencryptoki.conf file for the ICSF token. It also creates
	a  token_name.conf  configuration  file  in  the same directory as the opencryptoki.conf file, containing ICSF specific information.  This
       information is read by the ICSF token.

       The ICSF token must bind and authenticate to an LDAP server.  The supported authentication mechanisms are simple and sasl.   One  of  these
       mechanisms must be entered when listing the available ICSF tokens or when adding an ICSF token. Opencryptoki currently supports adding only
       one ICSF token.

       The system admin can either allow the ldap calls to utilize exisiting ldap configs, such as ldap.conf or .ldaprc for bind  and  authentica-
       tion information or set the bind and authentication information within opencryptoki by using this utility and its options.  The information
       will then be placed in the token_name.conf file to be used in the ldap calls. When using simple authentication, the user will  be  prompted
       for the racf password when listing or adding a token.

OPTIONS

       -a token name
		 add the specified ICSF token to opencryptoki.

       -b BINDND the distinguish name to bind when using simple authentication

       -c client-cert-file
		 the client certificate file when using SASL authentication

       -C CA-cert-file
		 the CA certificate file when using SASL authentication

       -h	 show usage information

       -k privatekey
		 the client private key file when using SASL authentication

       -m mechanism
		 the authentication mechanism to use when binding to the LDAP server (this should be either simple or sasl)

       -l	 list available ICSF tokens

       -h	 show usage information

FILES

       /etc/opencryptoki/opencryptoki.conf
	      the opencryptoki config file containing token configuration information

       /etc/opencryptoki/token_name.conf
	      contains ICSF configuration information for the ICSF token

SEE ALSO

       opencryptoki(7),
       pkcsslotd(8).
       pkcsconf(8).

3.0								    April 2013							       PKCSICSF(1)
All times are GMT -4. The time now is 10:25 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy