[wplug] LDAP for Linux Authentication
Jonathan Billings
billings at negate.org
Wed Feb 15 18:10:35 EST 2006
On Feb 15, 2006, at 4:37 PM, Benjamin Slavin wrote:
> I'm currently looking to migrate some Linux systems to LDAP-based
> authentication but can't find a decent guide as to how to make it
> happen.
Strictly speaking, LDAP doesn't provide authentication services --
only directory services. However, your LDAP server might require
authentication to establish a connection to it, but that really means
the authentication is being handled by some other service, probably
locally on the LDAP server, that might use the LDAP directory for
storing information. Most likely, LDAP is being used to provide
authorization information, i.e. whether a particular user (who has
already been authenticated) is allowed to log into a particular
system. NIS is used in a similar model, only less securely.
I know it sounds like I'm splitting hairs here, but the difference
between authentication and authorization is important when
considering the security of a system.
--
Jonathan Billings <billings at negate.org>
More information about the wplug
mailing list