Re: Authentication architecture on a Unix Network



Thank's all for your advices.
I think about the Kerberos solution but what about my configuration :
On some Unix machines we host some different customers.
So each customers have to authenticate again it's own authentication
systems
We can use a same LDAP instance for all customers. Each customers have
it's own specific LDAP branch.
But what about in case of a Kerberos solution ?
As each customers have it's own Windows Domain with it's own AD, is it
possible from a Unix machine to address the AD of the right customer ?

K.

Colin McKinnon wrote:
Jeremy Worrells wrote:

On 2007-01-16, kona <kona_iron@xxxxxxxx> wrote:
Hi,
Until now we always used authentication again local /etc/passwd file
for our Unix servers.
We have about 300 machines of different OS, Sun, HP, AIX and some Linux
We would like to centralize all this part of authentication.
We do not would like to use NIS,NIS+
All recommendations, advices, links are welcome.
What I'm interested is on a centralized architecture. As the principle
of ActiveDirectory on Windows domain
Thank you


My suggestion would be to look into LDAP for centralized, secure
authentication.


Microsoft's version of LDAP is called...Active Directory - but of course it
has weird differences from everybody elses' version - so you can
authenticate Unix clients against a MS AD server but its very tricky to get
MS clients to authenticate against a Unix LDAP.

If you ever might be interested in authenticating MS clients, take a look at
Samba and GOSA, also the LDAPgina.

HTH

C.

.



Relevant Pages

  • Re: Adding Solaris 10 machine to Active Directory Authentication
    ... This allows the Unix systems to access and share out windows style ... Unix style NFS shares. ... Authentication: Do this using Kerberos. ... Do this using LDAP but protect the LDAP bind and data ...
    (microsoft.public.windows.server.active_directory)
  • Re: LDAP setup with Linux, Help Needed
    ... I'm creating an LDAP server which will be in place for all our unix ... If your Unix supports Pluggable Authentication Modules, ...
    (comp.unix.admin)
  • Re: What protects Unices from Virus like attacks ??
    ... >> what protects all Unix machines from such similar problems. ... > If a vulnerability is found for Unixen, ... I met security engineers that were aghast at some of the ... Many MS customers don't know what to do ...
    (comp.unix.questions)
  • Re: What protects Unices from Virus like attacks ??
    ... >> what protects all Unix machines from such similar problems. ... > If a vulnerability is found for Unixen, ... I met security engineers that were aghast at some of the ... Many MS customers don't know what to do ...
    (comp.unix.programmer)
  • Re: What protects Unices from Virus like attacks ??
    ... > what protects all Unix machines from such similar problems. ... Microsoft, ignored many of those ... Many MS customers don't know what to do ...
    (comp.unix.programmer)