Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: I want to centralize user authentication
Operating Systems Linux Red Hat I want to centralize user authentication Post 302929319 by xdawg on Friday 19th of December 2014 12:07:42 PM
Old 12-19-2014
Question I want to centralize user authentication
Right now it is just a simple environment consisting of a small number of CentOS boxes, but I would like to set up central user authentication to make things easier, especially as we expand (I've already budgeted to triple our local infrastructure and we will be also expanding geographically to multiple regions internationally at some point next year).

Years ago, I remember NIS or NIS+ being the easiest thing in a pure Linux environment, but after some googling I'm finding that Open LDAP has replace it as the sort of "go to" for central user authentication in Linux?

Just wanted to see what other's opinions are, is there a particular "brand" of LDAP software that is preferred, or used more than others? Looking through the LDAP entry on Wikipedia I see quiet a lot of choices for server software, such as OpenLDAP, FreeIPA, 389 Directory server, etc etc.

Any/all opinions are welcome, I come from a primarily Microsoft background so I'm not used to having choices Image
 

10 More Discussions You Might Find Interesting

1. Solaris

User Authentication

Ok i need a little help... I have 20 Solaris 8 machines and I would like to have these machines do user authentication through one machine acting as server instead of having to maintain a user list on every machine. What can I do to achieve this? Thanks (3 Replies)
Discussion started by: meyersp
3 Replies

2. Shell Programming and Scripting

SFTP- Non-interactive user authentication

Hi All, sftp -b script.txt <hostname> user-authentication through non-interactive way is desired. But, its failing to do so. Could anyone kindly advise. Thanks for any/all help at the earliest. Regards, Dheeraj. (1 Reply)
Discussion started by: dheeruchakri
1 Replies

3. Forum Support Area for Unregistered Users & Account Problems

authentication of new user

I recently registered, but never received the email with the instructions for authenticating my account. I confirmed my email in in the profile looks correct. I found and clicked the link to resend the authentication email. I clicked that link two days ago and I still don't have the email. It... (1 Reply)
Discussion started by: dwallace
1 Replies

4. Solaris

Centralize multiple servers administration

Hello, this is my first post, i´m trying to get some help on this issue. I´m looking for a software product (maybe SUN or TIVOLI) that provide me help on doing administrative tasks involving solaris, aix , linux & HPUX machines. This tasks are user/password creation/modification, SSH rights,... (1 Reply)
Discussion started by: amedran
1 Replies

5. UNIX for Advanced & Expert Users

Centralize multiple servers administration

Hello, this is my first post, i´m trying to get some help on this issue. I´m looking for a software product (maybe SUN or TIVOLI) that provide me help on doing administrative tasks involving solaris, aix , linux & HPUX machines. This tasks are user/password creation/modification, SSH rights,... (2 Replies)
Discussion started by: amedran
2 Replies

6. Red Hat

Centralize logins w/ openldap

This is my first time configuring it, can someone give me advice on how you would config the architecture? For example, I'm stuck on the fail back issue. If my openldap box goes down, how do my users log in. I've heard of the following two options. 1 - create local user accounts ... ok but... (3 Replies)
Discussion started by: sdotsen
3 Replies

7. AIX

AIX: How to check which authentication method we are using for a user?

In /etc/security/user, we can set which authentication method we use for each user. for example: test: admin = false rlogin = false SYSTEM = "NONE" I want to test whether SYSTEM=NONE (without ") is acceptable. How can I verify it? and How can we check which... (1 Reply)
Discussion started by: quanba
1 Replies

8. AIX

LDAP user authentication issue

Hello everyone, hoping you can provide some incite with a little problem I'm having.. I have the LDAP client configured and running on my AIX 5.3 server, which is authenticating against an eDirectory LDAP server. I can login via LDAP no problems on the AIX server with newly created users,... (4 Replies)
Discussion started by: j_aix
4 Replies

9. Programming

Questions about user authentication in my application

Hi, all, I am a newbie to linux authentication part. Questions below really puzzle me: How to authenticate users from local storage(passwd shadow) and nis server? (Without PAM) getpwnam_r() will return a '*' in the pw_passwd field of "struct passwd". I can parse /etc/shadow. But how... (1 Reply)
Discussion started by: mythmgn
1 Replies

10. Shell Programming and Scripting

Perl LWP user authentication

Hello all.. i am new to perl scripting.. i wanted to parse a text file, encode the parsed text and attach in url.. please point me to right resources if you know any..This is my major problem. Now i try to get a url running and save it in a text file using LWP module in perl, I used following... (0 Replies)
Discussion started by: empyrean
0 Replies

LEARN ABOUT REDHAT

ldap_sasl_bind

LDAP_BIND(3)						     Library Functions Manual						      LDAP_BIND(3)

NAME

       ldap_bind,  ldap_bind_s,  ldap_simple_bind, ldap_simple_bind_s, ldap_kerberos_bind_s, ldap_kerberos_bind1, ldap_kerberos_bind1_s, ldap_ker-
       beros_bind2, ldap_kerberos_bind2_s, ldap_unbind, ldap_unbind_s - LDAP bind routines

SYNOPSIS

       #include <ldap.h>

       int ldap_bind(ld, who, cred, method)
       LDAP *ld;
       char *who, *cred;
       int method;

       int ldap_bind_s(ld, who, cred, method)
       LDAP *ld;
       char *who, *cred;
       int method;

       int ldap_simple_bind(ld, who, passwd)
       LDAP *ld;
       char *who, *passwd;

       int ldap_simple_bind_s(ld, who, passwd)
       LDAP *ld;
       char *who, *passwd;

       int ldap_kerberos_bind_s(ld, who)
       LDAP *ld;
       char *who;

       int ldap_kerberos_bind1(ld, who)
       LDAP *ld;
       char *who;

       int ldap_kerberos_bind1_s(ld, who)
       LDAP *ld;
       char *who;

       int ldap_kerberos_bind2(ld, who)
       LDAP *ld;
       char *who;

       int ldap_kerberos_bind2_s(ld, who)
       LDAP *ld;
       char *who;

       int ldap_unbind(ld)
       LDAP *ld;

       int ldap_unbind_s(ld)
       LDAP *ld;

DESCRIPTION

       These routines provide various interfaces to the LDAP bind operation.  After a connection is made to an LDAP server using ldap_open(3),	an
       LDAP  bind operation must be performed before other operations can be attempted over the conection.  Both synchronous and asynchronous ver-
       sions of each variant of the bind call are provided.  There are three types of calls, providing simple authentication, kerberos authentica-
       tion, and general routines to do either one.  All routines take ld as their first parameter, as returned from ldap_open(3).

SIMPLE AUTHENTICATION

       The  simplest  form  of the bind call is ldap_simple_bind_s().  It takes the DN to bind as in who, and the userPassword associated with the
       entry in passwd.  It returns an LDAP error indication (see ldap_error(3)).  The ldap_simple_bind() call is asynchronous,  taking  the  same
       parameters  but only initiating the bind operation and returning the message id of the request it sent.	The result of the operation can be
       obtained by a subsequent call to ldap_result(3).

KERBEROS AUTHENTICATION

       If the LDAP library and LDAP server being contacted have been compiled with the KERBEROS option defined, Kerberos version 4  authentication
       can  be accomplished by calling the ldap_kerberos_bind_s() routine.  It assumes the user already has obtained a ticket granting ticket.	It
       takes who, the DN of the entry to bind as.  This routine does both steps of the kerberos  binding  process  synchronously.   The  ldap_ker-
       beros_bind1_s()	and  ldap_kerberos_bind2_s()  routines allow synchronous access to the individual steps, authenticating to the LDAP server
       and DSA, respectively.  The ldap_kerberos_bind1() and ldap_kerberos_bind2() routines provide equivalent asynchronous access.

GENERAL AUTHENTICATION

       The ldap_bind() and ldap_bind_s() routines can be used when the authentication method to use needs to be selected at  runtime.	They  both
       take  an extra method parameter selecting the authentication method to use.  It should be set to one of LDAP_AUTH_SIMPLE, LDAP_AUTH_KRBV41,
       or LDAP_AUTH_KRBV42, to select simple authentication, kerberos authentication to the LDAP server, or kerberos authentication  to  the  DSA,
       respectively.  ldap_bind() returns the message id of the request it initiates.  ldap_bind_s() returns an LDAP error indication.

UNBINDING

       The  ldap_unbind() call is used to unbind from the directory, terminate the current association, and free the resources contained in the ld
       structure.  Once it is called, the connection to the LDAP server is closed, and the ld structure is invalid.  The ldap_unbind_s()  call	is
       just another name for ldap_unbind(); both of these calls are synchronous in nature.

ERRORS

       Asynchronous  routines  will  return  -1 in case of error, setting the ld_errno parameter of the ld structure.  Synchronous routines return
       whatever ld_errno is set to.  See ldap_error(3) for more information.

SEE ALSO

       ldap(3), ldap_error(3), ldap_open(3)

ACKNOWLEDGEMENTS

       OpenLDAP is developed and maintained by The OpenLDAP Project (http://www.openldap.org/).  OpenLDAP is derived from University  of  Michigan
       LDAP 3.3 Release.

OpenLDAP 2.0.27-Release 					 22 September 1998						      LDAP_BIND(3)
All times are GMT -4. The time now is 04:03 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy