Single ldap account, different passwords?


 
Thread Tools Search this Thread
Special Forums Cybersecurity Single ldap account, different passwords?
# 1  
Old 02-01-2014
Single ldap account, different passwords?

Is it possible, either by software solution or configuration, to provision a single user account that has different passwords depending on what group of servers it is attempting to connect to?

We have a dev, sit, uat, and production environment. They want to be able to set passwords in dev for specific users, differently than they would be in production... This is a service account used by applications only. My initial suggestion was to create service accounts locally, and provision the access to users via sudo. That solution isn't gaining much traction yet, so any idea would be appreciated. Thanks in advance.
# 2  
Old 02-02-2014
Give each of your four environments its own set of LDAP servers. In this day of virtual servers it's not that expensive.
This User Gave Thanks to Perderabo For This Post:
# 3  
Old 02-03-2014
Appreciate the feedback. That has definitely been considered, but apparently also gunned down as not "cost effective". I my initial plan is what I need to stick with. I just need to convince the management this is the better approach. I suspect that if I draft out the cost of 4 LDAP servers and the time required to manage those servers will be a compelling argument... or maybe if they really want it, they'll pony up the cash. Smilie
Login or Register to Ask a Question

Previous Thread | Next Thread

2 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

One account with multiple passwords

Hi I am currently using saslauthd to authenticate users onto an imap server (cyrus). I need to have it so that a user can logon to an account with multiple passwords (even just two would work). Is this at all possible within linux? Right now I am using the shadow file for authentication with... (2 Replies)
Discussion started by: duonut
2 Replies

2. AIX

How do I enable 16MB pages for an account that uses LDAP?

With an account that uses "Login AUTHENTICATION GRAMMAR" = "LDAP", I get this when trying to enable 16 MB page support: -bash-3.00# chuser capabilities=CAP_BYPASS_RAC_VMM,CAP_PROPAGATE trbld Error changing "capabilities" to "CAP_BYPASS_RAC_VMM,CAP_PROPAGATE" : Value is invalid. I also tried... (1 Reply)
Discussion started by: mdyeager
1 Replies
Login or Register to Ask a Question