FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > CentOS > CentOS Docs

 
 
LinkBack Thread Tools
 
Old 09-13-2011, 08:11 PM
Adrian Hall
 
Default New HOWTO Proposal: How to Configure Centralized Authentication on CentOS 6.0

http://wiki.centos.org/AdrianHall/CentralizedLDAPAuth
I would suggest it goes into the HOWTO section.--
Adrian Hall (Personal Account)


photoadrian@gmail.com



_______________________________________________
CentOS-docs mailing list
CentOS-docs@centos.org
http://lists.centos.org/mailman/listinfo/centos-docs
 
Old 09-13-2011, 08:27 PM
Paul Heinlein
 
Default New HOWTO Proposal: How to Configure Centralized Authentication on CentOS 6.0

On Tue, 13 Sep 2011, Adrian Hall wrote:

> http://wiki.centos.org/AdrianHall/CentralizedLDAPAuth
> I would suggest it goes into the HOWTO section.

Things I'd recommend adding to the discussion before official
publication of the page:

* sssd and ldap
* SSL/TLS

Of slightly less immediate importance, but worthy of inclusion further
down the road:

* master-slave ldap setup and failover on the clients
* ldap and samba for windows auth
* pointers to using ldap auth for, e.g., apache, jabber, sendmail, ...
* central user accounts and NFSv4

--
Paul Heinlein <> heinlein@madboa.com <> http://www.madboa.com/
_______________________________________________
CentOS-docs mailing list
CentOS-docs@centos.org
http://lists.centos.org/mailman/listinfo/centos-docs
 
Old 09-13-2011, 08:36 PM
Adrian Hall
 
Default New HOWTO Proposal: How to Configure Centralized Authentication on CentOS 6.0

I'm totally with you on the SSL/TLS. *I've been swearing at that particular element for over two weeks now. *Since there is no slapd.conf any more, the method of introducing a certificate is not logical, nor documented.


I haven't looked into sssd. *Since it isn't installed by default on CentOS, why would that be a requirement? *(not saying it isn't a good thing, but I'd probably defer that to another document as with the other elements you suggested)

--
Adrian Hall (Personal Account)
photoadrian@gmail.com




On Tue, Sep 13, 2011 at 2:27 PM, Paul Heinlein <heinlein@madboa.com> wrote:


On Tue, 13 Sep 2011, Adrian Hall wrote:



> http://wiki.centos.org/AdrianHall/CentralizedLDAPAuth

> I would suggest it goes into the HOWTO section.



Things I'd recommend adding to the discussion before official

publication of the page:



* sssd and ldap

* SSL/TLS



Of slightly less immediate importance, but worthy of inclusion further

down the road:



* master-slave ldap setup and failover on the clients

* ldap and samba for windows auth

* pointers to using ldap auth for, e.g., apache, jabber, sendmail, ...

* central user accounts and NFSv4



--

Paul Heinlein <> heinlein@madboa.com <> http://www.madboa.com/

_______________________________________________

CentOS-docs mailing list

CentOS-docs@centos.org

http://lists.centos.org/mailman/listinfo/centos-docs



_______________________________________________
CentOS-docs mailing list
CentOS-docs@centos.org
http://lists.centos.org/mailman/listinfo/centos-docs
 
Old 09-13-2011, 08:57 PM
Paul Heinlein
 
Default New HOWTO Proposal: How to Configure Centralized Authentication on CentOS 6.0

On Tue, 13 Sep 2011, Adrian Hall wrote:

> I'm totally with you on the SSL/TLS. I've been swearing at that
> particular element for over two weeks now. Since there is no
> slapd.conf any more, the method of introducing a certificate is not
> logical, nor documented.

Heh. To date, I've only setup CentOS 6 as an LDAP client. All my LDAP
servers run CentOS 5.

> I haven't looked into sssd. Since it isn't installed by default on
> CentOS, why would that be a requirement? (not saying it isn't a
> good thing, but I'd probably defer that to another document as with
> the other elements you suggested)

Concerning sssd, CentOS 6 kickstart will install and activate it if
you specify installation of the "Directory Client" package group.
Since that group looks like something that folks might want to install
on LDAP clients, I suspect it'll be more widely deployed than you
think.

--
Paul Heinlein <> heinlein@madboa.com <> http://www.madboa.com/
_______________________________________________
CentOS-docs mailing list
CentOS-docs@centos.org
http://lists.centos.org/mailman/listinfo/centos-docs
 
Old 09-13-2011, 09:14 PM
Adrian Hall
 
Default New HOWTO Proposal: How to Configure Centralized Authentication on CentOS 6.0

Ok - so holding the article on the inclusion of SSL/TLS - I'll update this group once I've got that information. *I also want to include access controls in the final document since it is an authentication server. *


Regarding sssd - I wouldn't hold the document for this. *I've just been doing some reading on the subject. *Even if it is "deployed", that doesn't mean it is configured or started. *It looks like authconfig handles the vast majority of the work involved in authentication configuration in CentOS. *I'm assuming anyone who wants to use sssd will know how to alter the authconfig to allow that. *If not, it can be reviewed in a different HOWTO.


-Adrian--
Adrian Hall (Personal Account)
photoadrian@gmail.com




On Tue, Sep 13, 2011 at 2:57 PM, Paul Heinlein <heinlein@madboa.com> wrote:


On Tue, 13 Sep 2011, Adrian Hall wrote:



> I'm totally with you on the SSL/TLS. *I've been swearing at that

> particular element for over two weeks now. *Since there is no

> slapd.conf any more, the method of introducing a certificate is not

> logical, nor documented.



Heh. To date, I've only setup CentOS 6 as an LDAP client. All my LDAP

servers run CentOS 5.



> I haven't looked into sssd. *Since it isn't installed by default on

> CentOS, why would that be a requirement? *(not saying it isn't a

> good thing, but I'd probably defer that to another document as with

> the other elements you suggested)



Concerning sssd, CentOS 6 kickstart will install and activate it if

you specify installation of the "Directory Client" package group.

Since that group looks like something that folks might want to install

on LDAP clients, I suspect it'll be more widely deployed than you

think.



--

Paul Heinlein <> heinlein@madboa.com <> http://www.madboa.com/

_______________________________________________

CentOS-docs mailing list

CentOS-docs@centos.org

http://lists.centos.org/mailman/listinfo/centos-docs



_______________________________________________
CentOS-docs mailing list
CentOS-docs@centos.org
http://lists.centos.org/mailman/listinfo/centos-docs
 
Old 09-18-2011, 09:29 PM
Ralph Angenendt
 
Default New HOWTO Proposal: How to Configure Centralized Authentication on CentOS 6.0

On 09/13/2011 11:14 PM, Adrian Hall wrote:
> Ok - so holding the article on the inclusion of SSL/TLS - I'll update this
> group once I've got that information. I also want to include access
> controls in the final document since it is an authentication server.
>
> Regarding sssd - I wouldn't hold the document for this. I've just been
> doing some reading on the subject. Even if it is "deployed", that doesn't
> mean it is configured or started. It looks like authconfig handles the vast
> majority of the work involved in authentication configuration in CentOS.
> I'm assuming anyone who wants to use sssd will know how to alter the
> authconfig to allow that. If not, it can be reviewed in a different HOWTO.

Yeah, that looks like a good idea. Just ping us when you're ready for a
final review.

Regards,

Ralph

_______________________________________________
CentOS-docs mailing list
CentOS-docs@centos.org
http://lists.centos.org/mailman/listinfo/centos-docs
 

Thread Tools




All times are GMT. The time now is 05:23 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org