[wplug] LDAP for Linux Authentication

Jonathan Billings billings at negate.org
Wed Feb 15 18:10:35 EST 2006


On Feb 15, 2006, at 4:37 PM, Benjamin Slavin wrote:
>  I'm currently looking to migrate some Linux systems to LDAP-based  
> authentication but can't find a decent guide as to how to make it  
> happen.

Strictly speaking, LDAP doesn't provide authentication services --  
only directory services.  However, your LDAP server might require  
authentication to establish a connection to it, but that really means  
the authentication is being handled by some other service, probably  
locally on the LDAP server, that might use the LDAP directory for  
storing information.  Most likely, LDAP is being used to provide  
authorization information, i.e. whether a particular user (who has  
already been authenticated) is allowed to log into a particular  
system.  NIS is used in a similar model, only less securely.

I know it sounds like I'm splitting hairs here, but the difference  
between authentication and authorization is important when  
considering the security of a system.

--
Jonathan Billings <billings at negate.org>




More information about the wplug mailing list