[tech] manbo, ldap, stuff
James Andrewartha
trs80 at ucc.gu.uwa.edu.au
Sat Feb 17 13:19:19 WST 2007
On Sat, 17 Feb 2007, Davyd Madeley wrote:
> On Fri, 2007-02-16 at 22:32 +0900, James Andrewartha wrote:
>
>> So it all seems to be working, but some further testing will be required
>> before we switch it live on all systems. Passwords currently remain split,
>> but if they are changed from windows both will change, and using smbpasswd
>> will also change both. passwd should work on trusted machines but will
>> only change the unix password.
>
> So passwd can't be configured to change someone's authentication details
> in LDAP, or not until we switch over to LDAP as our auth mechanism top
> to bottom?
passwd will change their unix password, but not sambaLMPassword and
sambaNTPassword.
>> Also, Solaris comes with a nis/ldap connector, which could be used with
>> morwong as a slave to provide backup auth if manbo goes down (although I
>> will admit while this is somewhat crackful, it's easier than setting up
>> replication, at least initially.)
>> http://docs.sun.com/app/docs/doc/816-4556/6maort2to?a=view
>
> By replication, I assume you refer to LDAP replication?
Yes. Replication is something we should definitely look at, along with
setting up SSL. It doesn't look like OpenLDAP can replicate the Sun DS,
but the Sun DS does run on Linux so we can run it on another machine.
--
# TRS-80 trs80(a)ucc.gu.uwa.edu.au #/ "Otherwise Bub here will do \
# UCC Wheel Member http://trs80.ucc.asn.au/ #| what squirrels do best |
[ "There's nobody getting rich writing ]| -- Collect and hide your |
[ software that I know of" -- Bill Gates, 1980 ]\ nuts." -- Acid Reflux #231 /
More information about the tech
mailing list