Doug Stewart wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Howdy all: Is anyone using OpenDirectory as a stand-in for NIS in a RedHat/Solaris environment? Apple's admin tools are very compelling, particularly for our Mac clients and we'd love to leverage the OD setup to give our RH, Solaris (and even Windows) clients an LDAP-based single sign-on. Are there perils/gotchas that I should be on the lookout for? I'm about to reboot my RHEL 4.3 desktop, having just enabled LDAP authentication, so I'll see what happens here in the short run, but I'd love advice and tips from anyone so inclined to give 'em.
If you want to authenticate Windows client, I suggest you look closely at Active Directory on Windows 2003 Server, and consult with someone who understands Group Policy.
Using Group Policy, you can lock down the Windows desktops very tightly indeed.
I've not yet tried authenticating Linux clients against AD, but I believe it's possible. I _have_ made some simple LDAP enquiries from Linux against AD.
I asked previously (on this list, I think) about replacing Windows 2003 Server with Linux, and the replies were not very encouraging. Windows has the advantage of having the correct schema to start with, and quite a nice GUI to manipulate the directory content.
I have not looked into OpenDirectory yet, but maybe I should. -- Cheers John -- spambait 1aaaaaaa computerdatasafe com au Z1aaaaaaa computerdatasafe com au Tourist pics http://portgeographe.environmentaldisasters.cds.merseine.nu/ do not reply off-list