12-19-2014
I want to centralize user authentication
Right now it is just a simple environment consisting of a small number of CentOS boxes, but I would like to set up central user authentication to make things easier, especially as we expand (I've already budgeted to triple our local infrastructure and we will be also expanding geographically to multiple regions internationally at some point next year).
Years ago, I remember NIS or NIS+ being the easiest thing in a pure Linux environment, but after some googling I'm finding that Open LDAP has replace it as the sort of "go to" for central user authentication in Linux?
Just wanted to see what other's opinions are, is there a particular "brand" of LDAP software that is preferred, or used more than others? Looking through the LDAP entry on Wikipedia I see quiet a lot of choices for server software, such as OpenLDAP, FreeIPA, 389 Directory server, etc etc.
Any/all opinions are welcome, I come from a primarily Microsoft background so I'm not used to having choices
10 More Discussions You Might Find Interesting
1. Solaris
Ok i need a little help...
I have 20 Solaris 8 machines and I would like to have these machines do user authentication through one machine acting as server instead of having to maintain a user list on every machine. What can I do to achieve this?
Thanks (3 Replies)
Discussion started by: meyersp
3 Replies
2. Shell Programming and Scripting
Hi All,
sftp -b script.txt <hostname>
user-authentication through non-interactive way is desired. But, its failing to do so.
Could anyone kindly advise.
Thanks for any/all help at the earliest.
Regards,
Dheeraj. (1 Reply)
Discussion started by: dheeruchakri
1 Replies
3. Forum Support Area for Unregistered Users & Account Problems
I recently registered, but never received the email with the instructions for authenticating my account. I confirmed my email in in the profile looks correct. I found and clicked the link to resend the authentication email. I clicked that link two days ago and I still don't have the email. It... (1 Reply)
Discussion started by: dwallace
1 Replies
4. Solaris
Hello, this is my first post, i´m trying to get some help on this issue.
I´m looking for a software product (maybe SUN or TIVOLI) that provide me help on doing administrative tasks involving solaris, aix , linux & HPUX machines. This tasks are user/password creation/modification, SSH rights,... (1 Reply)
Discussion started by: amedran
1 Replies
5. UNIX for Advanced & Expert Users
Hello, this is my first post, i´m trying to get some help on this issue.
I´m looking for a software product (maybe SUN or TIVOLI) that provide me help on doing administrative tasks involving solaris, aix , linux & HPUX machines. This tasks are user/password creation/modification, SSH rights,... (2 Replies)
Discussion started by: amedran
2 Replies
6. Red Hat
This is my first time configuring it, can someone give me advice on how you would config the architecture? For example, I'm stuck on the fail back issue. If my openldap box goes down, how do my users log in. I've heard of the following two options.
1 - create local user accounts ... ok but... (3 Replies)
Discussion started by: sdotsen
3 Replies
7. AIX
In /etc/security/user, we can set which authentication method we use for each user. for example:
test:
admin = false
rlogin = false
SYSTEM = "NONE"
I want to test whether SYSTEM=NONE (without ") is acceptable. How can I verify it? and How can we check which... (1 Reply)
Discussion started by: quanba
1 Replies
8. AIX
Hello everyone, hoping you can provide some incite with a little problem I'm having..
I have the LDAP client configured and running on my AIX 5.3 server, which is authenticating against an eDirectory LDAP server. I can login via LDAP no problems on the AIX server with newly created users,... (4 Replies)
Discussion started by: j_aix
4 Replies
9. Programming
Hi, all,
I am a newbie to linux authentication part.
Questions below really puzzle me:
How to authenticate users from local storage(passwd shadow) and nis server?
(Without PAM)
getpwnam_r() will return a '*' in the pw_passwd field of "struct passwd".
I can parse /etc/shadow. But how... (1 Reply)
Discussion started by: mythmgn
1 Replies
10. Shell Programming and Scripting
Hello all.. i am new to perl scripting.. i wanted to parse a text file, encode the parsed text and attach in url.. please point me to right resources if you know any..This is my major problem. Now i try to get a url running and save it in a text file using LWP module in perl, I used following... (0 Replies)
Discussion started by: empyrean
0 Replies
LEARN ABOUT MINIX
pam_authenticate
PAM_AUTHENTICATE(3) Linux-PAM Manual PAM_AUTHENTICATE(3)
NAME
pam_authenticate - account authentication
SYNOPSIS
#include <security/pam_appl.h>
int pam_authenticate(pam_handle_t *pamh, int flags);
DESCRIPTION
The pam_authenticate function is used to authenticate the user. The user is required to provide an authentication token depending upon the
authentication service, usually this is a password, but could also be a finger print.
The PAM service module may request that the user enter their username vio the the conversation mechanism (see pam_start(3) and
pam_conv(3)). The name of the authenticated user will be present in the PAM item PAM_USER. This item may be recovered with a call to
pam_get_item(3).
The pamh argument is an authentication handle obtained by a prior call to pam_start(). The flags argument is the binary or of zero or more
of the following values:
PAM_SILENT
Do not emit any messages.
PAM_DISALLOW_NULL_AUTHTOK
The PAM module service should return PAM_AUTH_ERR if the user does not have a registered authentication token.
RETURN VALUES
PAM_ABORT
The application should exit immediately after calling pam_end(3) first.
PAM_AUTH_ERR
The user was not authenticated.
PAM_CRED_INSUFFICIENT
For some reason the application does not have sufficient credentials to authenticate the user.
PAM_AUTHINFO_UNVAIL
The modules were not able to access the authentication information. This might be due to a network or hardware failure etc.
PAM_MAXTRIES
One or more of the authentication modules has reached its limit of tries authenticating the user. Do not try again.
PAM_SUCCESS
The user was successfully authenticated.
PAM_USER_UNKNOWN
User unknown to authentication service.
SEE ALSO
pam_start(3), pam_setcred(3), pam_chauthtok(3), pam_strerror(3), pam(7)
Linux-PAM Manual 06/04/2011 PAM_AUTHENTICATE(3)