Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: LDAP authentication question
Special Forums Cybersecurity LDAP authentication question Post 302184636 by melias on Saturday 12th of April 2008 07:47:42 AM
Old 04-12-2008
re: LDAP
If you have multiple servers and require a central sign-on method across all server, then LDAP makes your life a lot easier. You only have one repository of user accounts (and passwords) that all configured servers authenticate against. You can store other details within the LDAP (Microsoft's Active Directory is an example of LDAP and what it can store).

As such, LDAP itself doesn't really provide any more security than a system which is configured for local user accounts - it's main benefit is in reducing the amount of time required to administer multiple servers.

You configure your server to authenticate with LDAP first, but your system still needs to authenticate locally in case network issues cause connection problems with your LDAP server.

Without knowing what O/S your server is running, it a little hard to provide more detail. And LDAP installation and configuration, whilst not too difficult, is still not a quick and simple task. There are plently of tuturials on the web - there's sure to be one for your specific system.

Hope this helps a little..
Last edited by melias; 04-12-2008 at 08:54 AM..
 

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Module for LDAP Authentication

Hello Everyone, I have enabled LDAP authentication on my Web script by adding the list of valid users in /etc/apach2/default-server.conf. However, I now want to retrieve the username of the person that logs in. How can I do that? Is there any such module? Regards, Harsha (0 Replies)
Discussion started by: garric
0 Replies

2. UNIX and Linux Applications

LDAP authentication question

Hello, I have a Linux box with RHEL4 running on it. The box is meant to be on the DMZ. There is a directory on the box that will be remotely from time to time and I want a form of authentication on it. Presently, I have configured Basic authentication with apache but the security is not tight. I... (1 Reply)
Discussion started by: bptronics
1 Replies

3. Linux

LDAP authentication question

Hello, I have a Linux box with RHEL4 running on it. The box is meant to be on the DMZ. There is a directory on the box that will be remotely from time to time and I want a form of authentication on it. Presently, I have configured Basic authentication with apache but the security is not tight. I... (1 Reply)
Discussion started by: bptronics
1 Replies

4. HP-UX

HpUx and ldap Authentication

Hi to all, i try to configure an HpUx 11.23 to use a Sun Directory Server to authenticate in system. In my ldap the users is posixAccount. I read in www that there is a sotware called LDAPUX but it use a profile, and it requires a change that i can't execute in my ldap because it is used also... (0 Replies)
Discussion started by: suuuper
0 Replies

5. UNIX for Advanced & Expert Users

LDAP Authentication AND Authorization

I see a lot of thread on LDAP Authentication but I want to enable LDAP Authentication with Authorization. Meaning, removing the user ID's and groups from the local servers and move them to an LDAP server. When a user logs in (via LDAP) they will be given their group memberships and access to the... (3 Replies)
Discussion started by: scottsl
3 Replies

6. Red Hat

CVS ldap authentication

I am trying to convert all my redhat servers over to ldap. I have solved almost all the probems but am having trouble getting cvs pserver to authenticate. I'm running redhat 4. Just patched everything the other day. cvs is cvs-1.11.17-9.1.el4_7.1. Any suggestions would be welcome. Obviously... (1 Reply)
Discussion started by: jhtrice
1 Replies

7. Solaris

LDAP authentication

Hi folks, i have opends 1.2 manually installed subversion 1.4.3 and apache2 updated by package manager. i want to access svn using LDAP authentication its giving an error: ldap_simple_bind_s() failed. what could be the problem. i wrote some text at the end of httpd.conf fpr ldap... (2 Replies)
Discussion started by: visu_buri
2 Replies

8. Solaris

Authentication with LDAP in opensolaris

Hi all, I have two virtual machines, one with Suse and another with opensolaris 2009.06. The ldap server is in the Suse machine. From my opensolaris, with command ldalist i can see the information about the ldap configuration, i mean, the dn: ou:.... if i type id <ldapuser> i can see the user... (0 Replies)
Discussion started by: checoturco
0 Replies

9. AIX

LDAP authentication

Hi, We are trying to use LDAP to authenticate the login from our application. Our application is installed on AIX 6.1 and LDAP server is on active directory windows 2003. We are getting the below error when we try to login. We have the required lib file in the path it is looking for. Any idea... (3 Replies)
Discussion started by: Nand1010_MA
3 Replies

10. Emergency UNIX and Linux Support

LDAP and AD Authentication Query

Hi Friends, I have below scenarios . dom1.test.com - LDAP dom2.test.com - AD Requirement is establish a trust relation between LDAP and AD server in such a way that if any user login on LDAP managed authentication server with dom1\username -> get authenticated by LDAP host ... (2 Replies)
Discussion started by: Shirishlnx
2 Replies

LEARN ABOUT CENTOS

pam_chauthtok

PAM_CHAUTHTOK(3)						 Linux-PAM Manual						  PAM_CHAUTHTOK(3)

NAME

       pam_chauthtok - updating authentication tokens

SYNOPSIS

       #include <security/pam_appl.h>

       int pam_chauthtok(pam_handle_t *pamh, int flags);

DESCRIPTION

       The pam_chauthtok function is used to change the authentication token for a given user (as indicated by the state associated with the
       handle pamh).

       The pamh argument is an authentication handle obtained by a prior call to pam_start(). The flags argument is the binary or of zero or more
       of the following values:

       PAM_SILENT
	   Do not emit any messages.

       PAM_CHANGE_EXPIRED_AUTHTOK
	   This argument indicates to the modules that the users authentication token (password) should only be changed if it has expired. If this
	   argument is not passed, the application requires that all authentication tokens are to be changed.

RETURN VALUES

       PAM_AUTHTOK_ERR
	   A module was unable to obtain the new authentication token.

       PAM_AUTHTOK_RECOVERY_ERR
	   A module was unable to obtain the old authentication token.

       PAM_AUTHTOK_LOCK_BUSY
	   One or more of the modules was unable to change the authentication token since it is currently locked.

       PAM_AUTHTOK_DISABLE_AGING
	   Authentication token aging has been disabled for at least one of the modules.

       PAM_PERM_DENIED
	   Permission denied.

       PAM_SUCCESS
	   The authentication token was successfully updated.

       PAM_TRY_AGAIN
	   Not all of the modules were in a position to update the authentication token(s). In such a case none of the user's authentication
	   tokens are updated.

       PAM_USER_UNKNOWN
	   User unknown to password service.

SEE ALSO

       pam_start(3), pam_authenticate(3), pam_setcred(3), pam_get_item(3), pam_strerror(3), pam(8)

Linux-PAM Manual						    09/19/2013							  PAM_CHAUTHTOK(3)
All times are GMT -4. The time now is 03:02 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy