Home » forums » Tech Support » Networking and Servers » centralised authentication
Submitted by ramez.hanna on Thu, 27/01/2005 - 13:40.
( categories: Community | Networking and Servers )

i am trying to figure out how to do centralized authentication in a linux environment
i researched a little and got the following results i have learned about 2 alternatives
1- smb authentication through samba server and let pam and samba point to the same backend such as samba native backend or ldap
2- NIS
so now NIS is not in my scope because i have a couple of windows clients
that leaves me to the SMB thing, now i know that samba can authenticate against LDAP and it has a native backend (forgot the name) and pam can do sam_auth and ldap_auth so sinse i don't know much about LDAP i will go for the samba native backend and i intend to to let pan authenticate against samba

my question is : is that a resonable setup ? what are the security implications of letting pam authenticate against samba?
and the must-ask-question is the a better way that i have missed?
thanks guys

add new comment | previous forum topic | next forum topic
my apology if I dont get you
Submitted by Hossam (not verified) on Fri, 28/01/2005 - 19:02.

my apology if I dont get you well..

What do you mean by centralized authentication? Something like a centralized login into windows domain but for linux?

If that's the case, then yes samba can be configured with ease to act as a domain controller and with some few advanced configurations it can make use of LDAP as an authentication backend instead of the default authentication using smbpasswd.

There is a useful electronic book about samba called "O'Reilly - Using Samba.pdf"..

Cheers, Hossam

reply
you got me well
ramez.hanna's picture
Submitted by ramez.hanna on Sun, 30/01/2005 - 10:17.

you got the first part of the question well, but i'm asking is there a better way to do the centralized login ? what are the security implications of using smbpasswd for the linux system or the LDAP than using the /etc/passwd file?
in other words what gives linux its security the password backend or PAM or what else? (i guess we might need a linux security concepts session)

the best things in life are free --- so as myself


reply

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.