LDAP question from network/server inexperienced

[dragonbite]

While I've been using Linux for a little while now, I have only recently been getting into setting up and using a server at home (in part because until recently I only had ONE computer at home).

I have heard of LDAP and OpenLDAP, but I am not sure if this is the best tool to do the following.

• Centralize logins and passwords for all of the computers at home, so I only have to change/manage one place . Since I keep installing Linux Distros it would be nice if I didn't have to add each person, individually each time.
• Provide single sign-on authentication for the user so when they go to the Samba server they don't have to do another login, but they are limited in what they can see. Basically I don't want the kids being able to see *MY* files
• Works with Linux (various) and Windows (Windows 7 more than XP)
• Works with desktop and laptop
• Be able to, possibly, pass this authentication to the web server so likewise do not need to log into the web server after logging into the computer.
• (optional) be able to set up a script to run automatically to either map network drives or mount samba directories based on the user being logged in (smb://user/<username>) and/or backup the system. I say optional because if it can that is great, but if it cannot then it isn't a show-stopper.

Like I said, I am very new to servers and networking and do not know where to start regarding this. Right now I have a basic (too open) file server and a web server just beginning to be developed (working on Drupal).

Not only do I need to figure out what/where to research about the server settings but also setting up the client-side of things.

Any help, direction, suggestions are welcomed. Thanks.

[smr54]

There is a Fedora directory server--not sure how easy or difficult it is to setup.

LDAP itself can be complex, though much of that is due to the fact that the documentation is all over the place, and often version specific--e.g., ArchLinux has their own wiki article, but some of it is only for ArchLinux.

You can try

http://home.roadrunner.com/~computertaijutsu/ldap.html

as a possible starting point. (Has links at the bottom for other good places, but nothing on samba.)

[GrapeShot]

We use a CentOS based LDAP Directory Server at work to authenticate Windows (XP, Vista, 64 & 32 bit) systems as well as Linux clients (Fedora 10-12) to the network and SMB shares.

Instructions for integrating Samba into the Directory Server, go here.

If you are looking to make your LDAP server authenticate Windows clients as if they were joining a Windows Domain, then follow this guide. I didn't write that guide, but I have done some work based on it.

As I said, we use it at work, but do not use anything like network homes for Windows users or running login scripts. If you have a good understanding of Samba, that should not be too hard to manage.

The Directory Server is a good tool to know. If you search on the internet, you will find that you can also control SUDO access and NFS based home folders with it.

Good Luck! Let me know if you have any problems.

[dragonbite]

Quote:

Originally Posted by GrapeShot

We use a CentOS based LDAP Directory Server at work to authenticate Windows (XP, Vista, 64 & 32 bit) systems as well as Linux clients (Fedora 10-12) to the network and SMB shares.

Instructions for integrating Samba into the Directory Server, go here.

If you are looking to make your LDAP server authenticate Windows clients as if they were joining a Windows Domain, then follow this guide. I didn't write that guide, but I have done some work based on it.

As I said, we use it at work, but do not use anything like network homes for Windows users or running login scripts. If you have a good understanding of Samba, that should not be too hard to manage.

The Directory Server is a good tool to know. If you search on the internet, you will find that you can also control SUDO access and NFS based home folders with it.

Good Luck! Let me know if you have any problems.

Thanks! Now I know what I'll be reading at home for the next couple of days! I was thinking about using CentOS too.