06-19-2014
Central authentication server
Hi guys
In the firm we are running Windows and Linux server. Currently all servers are using the same usernames and password and from my opinion is we are running bad and non secure practice.
I was looking some documentation and I think best solution is to use SAMBA/LDAP/Kerberos to act as domain controller. I know Windows has active directory but my primary target is Linux.
Also, I never implemented this kind of enterprise system so my questions are
1. Can I get login once infrastructure (login just once and get all corporate services) ?
2. Can LDAP users login to Windows and Linux ? What about RDBMS (We have all major names of the market) ?
3. Is possible to build WEB interface for adding/removing users and groups from LDAP ?
I really don't know anything about those mentioned systems so I'm asking a lot of questions
10 More Discussions You Might Find Interesting
1. IP Networking
Network Configuration Figure
http://geocities.com/fy_heng/test1.JPG
Dear all,
I currently performing an testing using the above network configuration (Please click on the above link).
On how actually the RADIUS server can authenticate the user who connect to the WAP (wireless access point)... (0 Replies)
Discussion started by: Paris Heng
0 Replies
2. Filesystems, Disks and Memory
Hi ,
I have several Linux Servers , and now i want to run a Central backup server. . I'm looking forward finding an enterprise solution for this affair .
there are different types of data on this servers, like : Mysql databases , mail server, web server , Cacti and MRTG graphs , ...
I find some... (1 Reply)
Discussion started by: nasser
1 Replies
3. UNIX and Linux Applications
Hi;
I had set up NFS server in one ubuntu box and mounted few directories using it.
In order to access those directories across the network i m using j-ftp(an open source java network client) from other boxes in the same network.I am able to view my mounted directories in the server through it.... (1 Reply)
Discussion started by: ajaypadvi
1 Replies
4. Red Hat
Hi,
Please could someone advise I'm trying to use winscp from a Window server 2008 R2, but i need to add the authentication key to access the linux rh 5.4 servers ?
What is the best way of approaching this ?
If there are any web links that could help me do this, that would be good.
... (1 Reply)
Discussion started by: venhart
1 Replies
5. Shell Programming and Scripting
Hello,
I tried searching through lot of threads for a solution but couldn't fetch the exact solution, so I am creating a new thread.
I am trying to connect to a FTP server
1) using a simple FTP command, it gives the error :
534 Policy requires SSL.
Login failed.
2) using SFTP... (19 Replies)
Discussion started by: amitshete
19 Replies
6. Solaris
Hi Experts,
In our env, we have around 100 more solaris 8,9,10 servers,
we quaterly apply patches & emergency fixes, for this we take prior OS Ufsdump bkp,
In order to reduce the efforts to go DC & load each time the tapes on all servers & take the ufsdump backup, we planned to set up a... (2 Replies)
Discussion started by: fizan
2 Replies
7. Linux
I am trying LDAP authentication for users logged in CentOS by PAM. Also I have disabled(off) nsslapd-anonymous-access flag to restrict anonymous access by providing the binddn and bindpw.
I have changed binddn and bindpw in /etc/ldap.conf for PAM to bind with LDAP to authenticate user.
ie) When... (1 Reply)
Discussion started by: shri_22ram
1 Replies
8. Linux
Hi my name is Manju.
->I have configure the two way authentication on my linux server.
->Now I am able to apply two way authenticator on particuler user.
->Now I want to map this linux server to my AD server.
->Kindly tell me how to map AD(Active Directory) with this linux server.
... (0 Replies)
Discussion started by: manjusharma128
0 Replies
9. Solaris
Hi
I am very well aware of configuring central logging (syslog)server on solaris to capture logs of other solaris servers. But don't know how to capture the logs of network devices like Juniper , cisco etc on solaris server. Is this possible through syslog server of solaris. Is there any way we... (1 Reply)
Discussion started by: amity
1 Replies
10. Solaris
Hello,
I have problems seting up SMB server in Solaris 11.3.
I had SMB working previously on Solaris 11 (updated to 11.3), but a bad harddisk crash forced me to install Solaris again from scratch and I cannot get it working properly.
I have imported the previous zfs pool with share.smb set... (7 Replies)
Discussion started by: Zorken
7 Replies
LEARN ABOUT CENTOS
luseradd
luseradd(1) General Commands Manual luseradd(1)
NAME
luseradd - Add an user
SYNOPSIS
luseradd [OPTION]... user
DESCRIPTION
Adds an user with name user.
OPTIONS
-c, --gecos=gecos
Set the GECOS field to gecos. The GECOS field is traditionally used to store user's real name and other information.
-d, --directory=directory
Set user's home directory to directory. If this option is not present, a default specified by libuser configuration is used.
-g, --gid=group
Set user's primary group to group. group can either be a group ID of an existing group, or a group name; if group is a group name
and the group does not exist, it is created. If the --gid option is not specified, the default group name is user.
-i, --interactive
Ask all questions when connecting to the user database, even if default answers are set up in libuser configuration.
-k, --skeleton=directory
Populate the newly created user's home directory with a copy of directory. If this option is not present, a default directory spec-
ified by libuser configuration, or /etc/skel if libuser configuration does not specify a default, is used.
-M, --nocreatehome
Don't create a home directory and a mail spool for the newly created user.
-n, --nocreategroup
If a group is not specified using -g, use group name "users" instead of user. Note that despite the name of the option, the group
will still be created if it does not exist.
-P, --plainpassword=password
Set user's password to password. Note that the password can be viewed while running luseradd using tools such as ps(1).
-p, --password=encrypted
Set user's password to the password represented by the hash encrypted. Note that the hash can be viewed while running luseradd
using tools such as ps(1).
-r, --reserved
The user is a system user. Users that are not marked as system user usually have automatically selected user IDs above a certain
value (configured as LU_UIDNUMBER in libuser.conf(5)). This information is also passed to the libuser backends. This option
implies the -M option.
-s, --shell=shell
Set user's login shell to shell. If this option is not present, a default specified by libuser configuration is used.
-u, --uid=uid
Use user ID uid for the newly created user. An user ID is selected automatically if this option is not present.
--commonname=name
Use common name name for the newly created user. This attribute is only supported in some backends (e.g.LDAP), and its support may
have further limitations (e.g. LDAP schema rules).
--givenname=name
Use given name name for the newly created user. This attribute is only supported in some backends (e.g.LDAP), and its support may
have further limitations (e.g. LDAP schema rules).
--homephone=phone
Use home telephone number phone for the newly created user. This attribute is only supported in some backends (e.g.LDAP), and its
support may have further limitations (e.g. LDAP schema rules).
--roomnumber=room
Use room number room for the newly created user. This attribute is only supported in some backends (e.g.LDAP), and its support may
have further limitations (e.g. LDAP schema rules).
--surname=name
Use surname name for the newly created user. This attribute is only supported in some backends (e.g.LDAP), and its support may have
further limitations (e.g. LDAP schema rules).
--telephonenumber=phone
Use telephone number phone for the newly created user. This attribute is only supported in some backends (e.g.LDAP), and its sup-
port may have further limitations (e.g. LDAP schema rules).
EXIT STATUS
The exit status is 0 on success, nonzero on error.
libuser 2009-12-09 luseradd(1)