Re: Authentication architecture on a Unix Network
- From: Colin McKinnon <colin.thisisnotmysurname@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Wed, 17 Jan 2007 21:25:08 GMT
Jeremy Worrells wrote:
On 2007-01-16, kona <kona_iron@xxxxxxxx> wrote:
Until now we always used authentication again local /etc/passwd file
for our Unix servers.
We have about 300 machines of different OS, Sun, HP, AIX and some Linux
We would like to centralize all this part of authentication.
We do not would like to use NIS,NIS+
All recommendations, advices, links are welcome.
What I'm interested is on a centralized architecture. As the principle
of ActiveDirectory on Windows domain
My suggestion would be to look into LDAP for centralized, secure
Microsoft's version of LDAP is called...Active Directory - but of course it
has weird differences from everybody elses' version - so you can
authenticate Unix clients against a MS AD server but its very tricky to get
MS clients to authenticate against a Unix LDAP.
If you ever might be interested in authenticating MS clients, take a look at
Samba and GOSA, also the LDAPgina.