[LDAP-interop] Re: Distro / Setup Suggestions
Michal Kurowski
mkur at gazeta.pl
Mon Aug 15 11:14:51 EDT 2005
Peter Stickney [pstickney at pvpsc.com] wrote:
>
> Where I would like to stick to Slack because it is what we run on our
> other linux servers, I am willing to accept that it might not be the
> right distro for the job. Was wondering if anyone had any insight to
> getting all this to work on Slack, or if not, what the best distro for
> the job might be.
Samba does not really need PAM. You can go on with Slack with no
problem.
What might be a problem is lack of pam_ldap. But only for your local
unix accounts. You might find it a bit difficult to hook up more
advanced login policies, like password changing, password expiration,
etc. You will also have to implement your own schema management
solution with regard to ldap binding. Relying on nss_ldap only you
basically can go either with manager-type account binding or proxy
binding (the latter might not be really available in OpenLdap). You
will have to store the credentials on your client anyway.
My advise would be to plan and implement it really carefully so you
can use the same binding identity for both samba and local accounts.
If you would go with PAM based solution it wouldn't be any different
for samba.
Remember about SSL too.
>
> Thanks for the advice and have a good weekend.
Cheers,
--
Michal Kurowski
<mkur at gazeta.pl>
_______________________________________________
LDAP-interop mailing list
LDAP-interop at fini.net
http://lists.fini.net/mailman/listinfo/ldap-interop
More information about the LDAP-interop
mailing list