[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Solaris User Account Management
I'll try to answer some of these...
On Wed, 2003-07-30 at 20:55, Joe Gainey wrote:
> I've got what should be a fairly typical situation. I've got about 500
> or so boxes that are divided into various and sometimes overlapping
> departments. I'm looking to figure out if LDAP will solve my user
> managment woes, so if anyone could answer the following questions and
> supply any URL's referencing the answer I would really appreciate it.
>
> All of these apply to a Solaris 8/9 envirionment
>
> 1. Can OpenLDAP be used for login in authentication and authorization?
>
authentication definitely - done that.
> 2. Can users be added with accounts on specific groups of machines?
>
> 3. Can users be added with an account on a specific machine?
>
> 4. Can users be added with different home directories on different
> groups of machines?
>
> 5. Can standard solaris password aging and rules be applied to user
> accounts?
solaris *requires* the use of shadowaccount objectclass (so you'll need
to adjust the migration script).
> 6. Can solaris be configured using the OpenLDAP and/or native LDAP
> clients to use TLS/SSL encryption?
never got the padl stuff to work happily with solaris but the native
stuff works fine for simple encrypted authentication.
> 7. Does using TLS/SSL encryption mean that account is protected from
> network sniffers?
yes, better than linux in my opinion as the autofs stuff is encrypted as
well.
>
> Anyone got any experience with any of those? All comments responces
> welcome.
as someoneelse said - check out the archives, quite a few people running
solaris clients and servers.
GREG
>
> Joe
--
Greg Matthews
iTSS Wallingford 01491 692445