[wplug] Directory Servers
Brian A. Seklecki
lavalamp at spiritual-machines.org
Fri Dec 16 02:33:28 EST 2005
On Thu, 2005-12-15 at 16:03, Nathan Embery wrote:
> Hi,
> I'm about to implement a Directory server here at work for all our
> servers and network equipment. So far, from what little research I've
> done, it looks like OpenLDAP with FreeRadius on top is the way to go.
It took a while to adjust my mindset, but I'm running NSS/PAM LDAP for a
lot of UNIX systems to OpenLDAP, I've got FreeRADIUS on top of that for
the Cisco EAP/TLS/CHAP/802.1x. Plus I tied in my entire Certificate
Authority / PKI (plus S/MIME PKCS#12 in the LDAP). Jabber, Apache/PHP,
OpenCA, Samba all tied in, too.
It really is a beautiful thing.
~BAS
> However, this isn't exactly the easiest thing to set up and maintain.
> Now, I've also been reading up on the RedHat Directory Server as well,
> and was wondering what everyone's thoughts on this were?
> Is anyone using OpenLDAP to authenticate all your servers, with
> some sort of Radius server tied in for the network stuff? What type of
> pitfalls can I expect? How about the RedHat Directory Server; is it
> worth while to investigate? Keep in mind that I have no requirement
> for windows machines, this is an all Unix shop.
>
> Thanks,
> Nate
>
> ______________________________________________________________________
> _______________________________________________
> wplug mailing list
> wplug at wplug.org
> http://www.wplug.org/mailman/listinfo/wplug
More information about the wplug
mailing list