Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Authentication and Authorization from Separate Domains
Top Forums UNIX for Advanced & Expert Users Authentication and Authorization from Separate Domains Post 302800673 by Wolvendeer on Tuesday 30th of April 2013 08:42:01 AM
Old 04-30-2013
So, answered my own question here. How this works is this: most guides I've seen on the topic will have you edit the ldap.conf file, which appears to control the Unix server's ability to authenticate users from an LDAP domain. The sudo package, when ldap enabled, will read the sudo-ldap.conf file for where to fetch sudoers records from. Most guides will have you symbolically link ldap.conf to this file (which is great in environments where your sudoers records are on the same domain as your user records -- which they don't have to be), but if you create sudo-ldap.conf by itself and put the uri and sudoers_base records into it, the sudo package will automatically read from a second LDAP server without causing any headache or conflict with other LDAP sources.

Overall, a pretty simple way to centralize the sudoers files for all of your Unix servers.
 

8 More Discussions You Might Find Interesting

1. OS X (Apple)

root/admin authorization and PackageMaker

I am building an installable package (.pkg) with PackageMaker 1.1.11 (that's the one that comes with Panther). The package is for installing things both to /Applications and to some folders in /Library (/Library/StartupItems and a new folder that I'm putting in /Library). I do (obviously) not... (4 Replies)
Discussion started by: ropers
4 Replies

2. UNIX for Advanced & Expert Users

shh authorization problem

I have ssh setup on 2 boxes ( aix / linux ). building a batchjob i have made a plaintext key. I force the command in the authorized_keys file running from aix -> linux ssh -i ~/.ssh/batchkey user@remote works perfect but from linux -> aix it get the following debug1:... (1 Reply)
Discussion started by: progressdll
1 Replies

3. Linux

Assigning Authorization to a user

Hi, I created a user, however, l want this user to be able to configure some services in REd Hat 8.0 such changing of Network address which is exclusive to root super user. Unlike in Openserver or Unixware were you can assign authorization and privileges to user. I have not being able to figure... (5 Replies)
Discussion started by: kayode
5 Replies

4. Programming

C NTLM Authorization via HTTP

Greetings, I am writing a C socket application that needs NTLM authorization before it can post HTTP requests, and I am having trouble with NTLM authorization messages. :b: I've found the following urls extremely valuable for creating message functions: Davenport WebDAV-SMB Gateway... (1 Reply)
Discussion started by: edvin
1 Replies

5. UNIX for Advanced & Expert Users

LDAP Authentication AND Authorization

I see a lot of thread on LDAP Authentication but I want to enable LDAP Authentication with Authorization. Meaning, removing the user ID's and groups from the local servers and move them to an LDAP server. When a user logs in (via LDAP) they will be given their group memberships and access to the... (3 Replies)
Discussion started by: scottsl
3 Replies

6. Red Hat

PAM configuration: Kerberos authentication and NIS authorization problem

Hi, I've configured two linux boxes to authenticate against Windows Active Directory using Kerberos while retrieving authorization data (uids, gids ,,,)from NIS. The problem I ran into with my PAM configuration is that all authentication attempts succeed in order.i.e. if someone tried his... (0 Replies)
Discussion started by: geek.ksa
0 Replies

7. BSD

problems with authorization via `xauth'

Dear all, I've got problems with X server authentication using `xauth'. The problem is, that I have my local computer running NetBSD 5.1 and a remote computer in LAN which is running Debian GNU Linux. During the login to my NetBSD computer `xdm' generates a magic cookie for my DISPLAY. Then I... (2 Replies)
Discussion started by: sidorenko
2 Replies

8. Web Development

Two separate domains - and files

Hi, I've been asked to 'troubleshoot' a webserver where two different TLDs are being served. Or to be more accurate, 'domain.com' and 'domain.fr'. So we have /var/www/domain.com /var/www/domain.fr And then for some reason, the httpd.conf file points to two different configuration files.... (1 Reply)
Discussion started by: davidm123SED
1 Replies

LEARN ABOUT OSX

slapo-pbind

SLAPO-PBIND(5)							File Formats Manual						    SLAPO-PBIND(5)

NAME

       slapo-pbind - proxy bind overlay to slapd

SYNOPSIS

       /etc/openldap/slapd.conf

DESCRIPTION

       The  pbind  overlay  to	slapd(8) forwards Simple Binds on a local database to a remote LDAP server instead of processing them locally. The
       remote connection is managed using an instance of the ldap backend.

       The pbind overlay uses a subset of the ldap backend's config directives. They are described in more detail in slapd-ldap(5).

       Note: this overlay is built into the ldap backend; it is not a separate module.

       overlay pbind
	      This directive adds the proxy bind overlay to the current backend.  The proxy bind overlay may be used with any backend, but  it	is
	      mainly intended for use with local storage backends.

       uri <ldapurl>
	      LDAP server to use.

       tls <TLS parameters>
	      Specify the use of TLS.

       network-timeout <time>
	      Set the network timeout.

       quarantine <quarantine parameters>
	      Turns on quarantine of URIs that returned LDAP_UNAVAILABLE.

FILES

       /etc/openldap/slapd.conf
	      default slapd configuration file

SEE ALSO

       slapd.conf(5), slapd-config(5), slapd-ldap(5), slapd(8).

AUTHOR

       Howard Chu

OpenLDAP 2.4.28 						    2011/11/24							    SLAPO-PBIND(5)
All times are GMT -4. The time now is 10:52 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy