DJ Lucas dj at linuxfromscratch.org
Fri Dec 3 22:34:53 PST 2004

Archaic wrote:

> At this point here is what people need to be authenticated for:
> Webmail
> SSH (though that may stay in /etc/passwd for now since most users only
>      have shell access on certain systems, not all of them)
> Windows/Linux local logins (Roaming profiles are not used)
> In-house web and java apps

Okay...I missed something I think...Do you want centralized auth for the 
local machines or not?  If it's just a centralized login for the mail 
servers and nothing else, then have a peak at the LDAP configs in the 
JAMM howto.  It's specific to the JAMM mail admin proggy (runs on 
jakarta), which is kinda nice itself and simple enough to use for your 
CS reps and end users, and not very many features to get them into 
trouble.  That might give a few clues as to what is needed for a simple 
LDAP setup...Heck might even be exactly what you are looking for.  If 
you'd like to demo a working setup (I have only about 15 accounts now, 
so I can't say how performance is), mail me privately.  OTOH, if you 
want a single ticket at login for the entire network, then I'm way 
off-base and way outa my league ATM.  For that, take a peak at Randy's 
Kerberos/SASL/LDAP hint to give you a rough idea of what is required.

-- DJ Lucas

More information about the blfs-support mailing list