12-19-2014
I want to centralize user authentication
Right now it is just a simple environment consisting of a small number of CentOS boxes, but I would like to set up central user authentication to make things easier, especially as we expand (I've already budgeted to triple our local infrastructure and we will be also expanding geographically to multiple regions internationally at some point next year).
Years ago, I remember NIS or NIS+ being the easiest thing in a pure Linux environment, but after some googling I'm finding that Open LDAP has replace it as the sort of "go to" for central user authentication in Linux?
Just wanted to see what other's opinions are, is there a particular "brand" of LDAP software that is preferred, or used more than others? Looking through the LDAP entry on Wikipedia I see quiet a lot of choices for server software, such as OpenLDAP, FreeIPA, 389 Directory server, etc etc.
Any/all opinions are welcome, I come from a primarily Microsoft background so I'm not used to having choices
10 More Discussions You Might Find Interesting
1. Solaris
Ok i need a little help...
I have 20 Solaris 8 machines and I would like to have these machines do user authentication through one machine acting as server instead of having to maintain a user list on every machine. What can I do to achieve this?
Thanks (3 Replies)
Discussion started by: meyersp
3 Replies
2. Shell Programming and Scripting
Hi All,
sftp -b script.txt <hostname>
user-authentication through non-interactive way is desired. But, its failing to do so.
Could anyone kindly advise.
Thanks for any/all help at the earliest.
Regards,
Dheeraj. (1 Reply)
Discussion started by: dheeruchakri
1 Replies
3. Forum Support Area for Unregistered Users & Account Problems
I recently registered, but never received the email with the instructions for authenticating my account. I confirmed my email in in the profile looks correct. I found and clicked the link to resend the authentication email. I clicked that link two days ago and I still don't have the email. It... (1 Reply)
Discussion started by: dwallace
1 Replies
4. Solaris
Hello, this is my first post, i´m trying to get some help on this issue.
I´m looking for a software product (maybe SUN or TIVOLI) that provide me help on doing administrative tasks involving solaris, aix , linux & HPUX machines. This tasks are user/password creation/modification, SSH rights,... (1 Reply)
Discussion started by: amedran
1 Replies
5. UNIX for Advanced & Expert Users
Hello, this is my first post, i´m trying to get some help on this issue.
I´m looking for a software product (maybe SUN or TIVOLI) that provide me help on doing administrative tasks involving solaris, aix , linux & HPUX machines. This tasks are user/password creation/modification, SSH rights,... (2 Replies)
Discussion started by: amedran
2 Replies
6. Red Hat
This is my first time configuring it, can someone give me advice on how you would config the architecture? For example, I'm stuck on the fail back issue. If my openldap box goes down, how do my users log in. I've heard of the following two options.
1 - create local user accounts ... ok but... (3 Replies)
Discussion started by: sdotsen
3 Replies
7. AIX
In /etc/security/user, we can set which authentication method we use for each user. for example:
test:
admin = false
rlogin = false
SYSTEM = "NONE"
I want to test whether SYSTEM=NONE (without ") is acceptable. How can I verify it? and How can we check which... (1 Reply)
Discussion started by: quanba
1 Replies
8. AIX
Hello everyone, hoping you can provide some incite with a little problem I'm having..
I have the LDAP client configured and running on my AIX 5.3 server, which is authenticating against an eDirectory LDAP server. I can login via LDAP no problems on the AIX server with newly created users,... (4 Replies)
Discussion started by: j_aix
4 Replies
9. Programming
Hi, all,
I am a newbie to linux authentication part.
Questions below really puzzle me:
How to authenticate users from local storage(passwd shadow) and nis server?
(Without PAM)
getpwnam_r() will return a '*' in the pw_passwd field of "struct passwd".
I can parse /etc/shadow. But how... (1 Reply)
Discussion started by: mythmgn
1 Replies
10. Shell Programming and Scripting
Hello all.. i am new to perl scripting.. i wanted to parse a text file, encode the parsed text and attach in url.. please point me to right resources if you know any..This is my major problem. Now i try to get a url running and save it in a text file using LWP module in perl, I used following... (0 Replies)
Discussion started by: empyrean
0 Replies
LEARN ABOUT LINUX
pam_sm_acct_mgmt
PAM_SM_ACCT_MGMT(3) Linux-PAM Manual PAM_SM_ACCT_MGMT(3)
NAME
pam_sm_acct_mgmt - PAM service function for account management
SYNOPSIS
#define PAM_SM_ACCOUNT
#include <security/pam_modules.h>
PAM_EXTERN int pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, int argc, const char **argv);
DESCRIPTION
The pam_sm_acct_mgmt function is the service module's implementation of the pam_acct_mgmt(3) interface.
This function performs the task of establishing whether the user is permitted to gain access at this time. It should be understood that the
user has previously been validated by an authentication module. This function checks for other things. Such things might be: the time of
day or the date, the terminal line, remote hostname, etc. This function may also determine things like the expiration on passwords, and
respond that the user change it before continuing.
Valid flags, which may be logically OR'd with PAM_SILENT, are:
PAM_SILENT
Do not emit any messages.
PAM_DISALLOW_NULL_AUTHTOK
Return PAM_AUTH_ERR if the database of authentication tokens for this authentication mechanism has a NULL entry for the user.
RETURN VALUES
PAM_ACCT_EXPIRED
User account has expired.
PAM_AUTH_ERR
Authentication failure.
PAM_NEW_AUTHTOK_REQD
The user's authentication token has expired. Before calling this function again the application will arrange for a new one to be given.
This will likely result in a call to pam_sm_chauthtok().
PAM_PERM_DENIED
Permission denied.
PAM_SUCCESS
The authentication token was successfully updated.
PAM_USER_UNKNOWN
User unknown to password service.
SEE ALSO
pam(3), pam_acct_mgmt(3), pam_sm_chauthtok(3), pam_strerror(3), PAM(8)
Linux-PAM Manual 06/04/2011 PAM_SM_ACCT_MGMT(3)