Phil K. Posted September 1, 2011

If you could start from scratch, how would you implement authentication with user profile folders on a network that needs to support Linux (70%), Mac (29%), and Windows (1%) PCs?

I was thinking about starting with an LDAP master and having two slave nodes (one using Open Directory and the other Active Directory) to be able to take advantage of some management features for Mac and Windows.

- Is this worth doing?

Assuming you would choose LDAP, I have found the setup on Linux to be a bit confusing, having not worked with LDAP at all.

- Would you know where I could find some good documentation on LDAP? (sites or books)
- Are there some automated installers that will walk you through a basic setup?
- Do you know of any good management tools to use? Mac or Linux preferred.

As far as roaming profiles or H: drives are concerned, I'm not sure how I would want to implement those. It would be nice to be able to log in to any Linux box and get the desktop just how you like it, same with the Mac. But I don't mind just mounting a central storage location to the user's /home/$profile directory, so at least they will always have access to their files. 95% of the Macs are self-administered at this point anyway.

- Thoughts?

Does anyone have any experience/knowledge on migrating NIS to LDAP? If so, do you have any tips?

I know Darren says eff LDAP? Would you recommend anything else? I was considering Open Directory, but until I can run it in ESXi without hacking the crap out of it, I will need to stick to something that I can actually rack mount. ;)

Thank you in advance, I appreciate any insight you would be able to give me!

Phil K.

Jason Cooper Posted September 1, 2011

In a large userbase environment a RADIUS server can be very useful, especially if you want to do 802.1x authentication on the network (wireless or wired). Of course RADIUS servers and LDAP servers can work together in harmony, with one using the other to pull out most of the information it requires.

Infiltrator Posted September 1, 2011

RADIUS authentication is one solution; the other one would be using a Windows Server machine with AD (Active Directory) and NTFS permissions to control user access. But I'm not very sure how Linux and Windows will play together. On a side note, I've tried it with Macs and it seems to work fine.

digip Posted September 1, 2011

Um, what's wrong with Samba? I believe there are native clients in Mac and Linux these days. This way Windows, Mac and Linux can share files without need for extra overhead to install and configure stuff. Right-click the folders/directories you want to share, set a password for the share.

Jason Cooper Posted September 1, 2011

> Um, what's wrong with Samba? I believe there are native clients in Mac and Linux these days. This way Windows, Mac and Linux can share files without need for extra overhead to install and configure stuff. Right-click the folders/directories you want to share, set a password for the share.

Again, it depends on the size of the userbase that he is dealing with. For a small SOHO company Samba is great; for a larger organisation the management of it all becomes a complete nightmare.

niels Posted September 2, 2011

As mentioned before, it all depends on whether you have a small or large organization. But if you want a virtual server to go, take a look here => Turnkey Fileserver

This is a preconfigured fileserver with Samba.

If you have a larger organisation then you can check this link out to configure LDAP with Samba => Samba & LDAP

This wiki page contains a lot of information to start with.

Hope it can be of some use.

Phil K. (Author) Posted September 27, 2011

Thanks for all the replies. I think I will be sticking to OpenLDAP.