Jump to content

Authentication Backend For Use With Linux, Mac, And Windows


Phil K.

Recommended Posts

If you could could start from scratch how would you implement authentication with user profile folders on a network that needs to support linux (70%), mac (29%), and windows (1%) pcs.

I was thinking about starting with an LDAP master and having to slave nodes (one using open directory and the other active directory) to be able to take advantage of some management features for mac and windows.

- Is this worth doing?

Assuming you would choose LDAP, I have found the setup on linux to be a bit confusing, having not worked with LDAP at all.

- Would you know where I could find some good documentation on LDAP? (sites or books)

- Are some automated installers, that will walk you through a basic setup?

- Do you know of any good management tools to use? mac or linux preferred.

As far as roaming profile or h:drives are concerned. I'm not sure how I would want to implement those. It would be nice to be able to login to any linux box and get the desktop just how you like it, same with the Mac. But I don't mind just mounting a central storage location to the users /home/$profile directory. So at least they will always have access to their files. 95% of the macs are self administered at this point anyways.

- Thoughts?

Does anyone have any experience/knowledge on migrating NIS to LDAP? If so do you have any tips?

I know darren says eff ldap? Would you recommend anything else? I was considering open directory, but until I can run it in ESXi without hacking the crap out of it, I will need to stick to something that I can actually rack mount. ;)

Thank you in advance, I appreciate any incite you would be able to give me!

Phil K.

Link to comment
Share on other sites

In a large userbase environment a RADIUS server can be very useful, especially if you want to do 802.1x authentication on the network (wireless or wired).

Of course Radius servers and LDAP servers can work together in harmony with one using the other to pull out most of the information it requires from the other.

Link to comment
Share on other sites

Radius authentication is one solution, the other one would be using a Windows Server machine with AD (active directory) and NTFS permissions to control user access. But not very sure, how Linux and Windows will play together, on a side note I've tried it with Macs and seems to work fine.

Link to comment
Share on other sites

Um, whats wrong with SAMBA? I believe there are native clients in MAC and Linux these days. This way Windows, Mac and Linux can share files without need for extra overhead to install and configure stuff. Right click your folders/directories you want to share, set a password for the share.

Link to comment
Share on other sites

Um, whats wrong with SAMBA? I believe there are native clients in MAC and Linux these days. This way Windows, Mac and Linux can share files without need for extra overhead to install and configure stuff. Right click your folders/directories you want to share, set a password for the share.

Again it depends on the size of the userbase that he is dealing with. For a small SOHO company then SAMBA is great, for a larger organisation the management of it all becomes a complete nightmare.

Link to comment
Share on other sites

Like mentioned before it all depends if you have a small or large organization.

But if you want a virtual server to go take a look here => Turnkey Fileserver

This is a preconfigured fileserver with samba.

If you have a larger organisation then you can check this link out to configure ldap with samba => Samba & LDAP

This wiki page contains a lot of information to start with.

Hope it can be of any use.

Link to comment
Share on other sites

  • 4 weeks later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...