To help and learn LDAP.
To Help: create FDS 7.1 rpm,pkgadd and hp depot packages.
To Lean: I heard it is possible to create a pure ldap authentication
any vaild user in a ldap server can login into a
RH/Solaris box without adding an user
entry in local /etc/passwd file.
I was able to configure proftpd use ldap authentication, and wondering why
not sshd or telnetd ?
My last attempt ended with ldap guru saying it is on ldap server side(it
need to support a RFCxxxx).
The goal is to escape NIS authentication and go to a ldap unix environment.
Nope.. Once in LDAP and everything is configured correctly on the linux
box, you don't have to do anything to passwd or shadow to let a user log
on to the box. I currently have this kind of setup using RHEL and it
[mailto:email@example.com] On Behalf Of T.J.
Sent: Wednesday, August 24, 2005 9:34 AM
Subject: Re: [Fedora-directory-devel] Does FDS 7.1 support RFC2307 ?
>From: Keith Sharp <kms(a)passback.co.uk>
>Reply-To: kms(a)passback.co.uk,"Fedora Directory server developer
>Subject: Re: [Fedora-directory-devel] Does FDS 7.1 support RFC2307 ?
>Date: Wed, 24 Aug 2005 14:15:43 +0100
>On Wed, 2005-08-24 at 07:11 -0500, T.J. Yang wrote:
> > Reading RFC 2307 Section 5.1 and 5.2 but it is still vague for me.
> > Which OS and which software module has Secction 5.2 functions
>I have done a degree of NIS replacement (passwd, group and automount
>entries) using the Fedora Core Linux operating system as both the
>and the server. The LDAP server I used was OpenLDAP.
>The functions in section 5.2 are normally implemented in the standard
>libc library. On Fedora Core that is glibc, and the implementation
>the files /etc/nsswitch.conf to determine which directory to use to
>lookup information: files, NIS, LDAP, etc. For authentication you may
>also need to configure the PAM system to use LDAP. Fedora Core
>a utility called system-config-authentication that has a simple GUI for
>configuring these systems.
I played with LDAP authentition a while back. I was quite happy I could
a ftp server(proftpd ?) setup to use ldap auth. I went on to pursure
authentication. after helps from others, I was able to setup a
RH9 box to authenticate user from my corporate ldap account. but the
catch is before ldap user can login, I need to create that same ldap
in /etc/passwd file. This sort of beat the purpose of ldap auth. I
this for about two years, Is RHEL3/4 still require the inseration of
into /etc/passwd ?
My goal is to have configure a Unix box to allow telnet/ssh login from
with a valid ldap account.Also I like to restrict the login access base
ldap user's group.
>Support on other operating systems and libc implementations will vary,
>you should contact the vendors or appropriate support groups for those
>Fedora-directory-devel mailing list
Fedora-directory-devel mailing list
Thanks for Rich's pointer about rfc2307.
I am interest to build a LDAP test server that can eliminate the need of
Is this possible ? have anyone done that already ?