Fedora Directory Server: the Evolution of Linux Authentication

 in
Check out Fedora Directory Server to authenticate your clients without licensing fees.

Jeramiah Bowling has been a systems administrator and network engineer for more than ten years. He works for a regional accounting and auditing firm in Hunt Valley, Maryland, and holds numerous industry certifications including the CISSP. Your comments are welcome at jb50c@yahoo.com.

______________________

Comments

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

fds with ldap

manohar's picture

hi..
i m done with installing FDS successfully.
can please help how can i authenticate the windows users using FDS.

Password policy problem between FDS and ADS

selvakumar.a's picture

Hi,
I have configured FDS and Syncronized with ADS.Every thing working fine.The password also syncronized between FDS server and ADS.When I change the password in windows client it is replicated to the FDS through ADS.But when I change the password in Linux client machine it does not replicated to the ADS. I need some clarification between FDS and ADS password policy.I hope some one will guide me.Thanks in advance.

el fedora es de maricones

Brunito's picture

es re penca la wea de fedora ds
es como una agenda ql
mas dificil de usar la mierda
ademas que el guru guru ql

LDAP isn't best suited for authentication

Anonymous's picture

Just to note, the directory usage that you describe (using LDAP for authentication) is a painfully wide-spread misconception.

Properly, you should use LDAP for publishing authorization data (e.g. group memberships), while authentication should be best implemented with use of Kerberos protocol.

By using LDAP for authentication, you throw away the possibility to provide single sign-on for your users.

You can use the Heimdal Kerberos server to store the data used by it in an LDAP directory - provided that it supports LDAPI connections and, as a result, it resides on the same machine that the LDAP server.

The version of Fedora Directory Server from CVS supports LDAPI.

BTW, IMHO the Kerberos and LDAP protocols should be merged in the future since they are so easily misused because of the distinction between them.

merge LDAP and Kerberos. LDAP

Anonymous's picture

merge LDAP and Kerberos. LDAP is a fully fledged directory access protocol not just an authentication widget. This is like saying SQL should be merged with Kerberos.

BTW, LDAPI support is now

Anonymous's picture

BTW, LDAPI support is now available with the latest stable version 1.1 of Fedora Directory Server.

Updating Alternatives (for Java and such)

Christopher Cashell's picture

Just a note, Red Hat provides a command, update-alternatives, for updating and maintaining links in /etc/alternatives.

White Paper
Linux Management with Red Hat Satellite: Measuring Business Impact and ROI

Linux has become a key foundation for supporting today's rapidly growing IT environments. Linux is being used to deploy business applications and databases, trading on its reputation as a low-cost operating environment. For many IT organizations, Linux is a mainstay for deploying Web servers and has evolved from handling basic file, print, and utility workloads to running mission-critical applications and databases, physically, virtually, and in the cloud. As Linux grows in importance in terms of value to the business, managing Linux environments to high standards of service quality — availability, security, and performance — becomes an essential requirement for business success.

Learn More

Sponsored by Red Hat

White Paper
Private PaaS for the Agile Enterprise

If you already use virtualized infrastructure, you are well on your way to leveraging the power of the cloud. Virtualization offers the promise of limitless resources, but how do you manage that scalability when your DevOps team doesn’t scale? In today’s hypercompetitive markets, fast results can make a difference between leading the pack vs. obsolescence. Organizations need more benefits from cloud computing than just raw resources. They need agility, flexibility, convenience, ROI, and control.

Stackato private Platform-as-a-Service technology from ActiveState extends your private cloud infrastructure by creating a private PaaS to provide on-demand availability, flexibility, control, and ultimately, faster time-to-market for your enterprise.

Learn More

Sponsored by ActiveState