Re: good LDAP resources
- Date: Mon, 27 Feb 2017 18:54:14 +0100
- From: deloptes <deloptes@xxxxxxxxx>
- Subject: Re: good LDAP resources
Dan Ritter wrote:
> On Sat, Feb 25, 2017 at 02:16:27PM -0800, briand@xxxxxxxxxxx wrote:
>> I need to set-up some sort of password server for a small network so that
>> i don't have to set-up accounts on every machine.
>> It looks like LDAP is the best way to do that.
>> Is it ?
>> I've been looking at the LDAP how-to's and even tried to turn things on
>> using one of them, but I can't quite get things working.
>> Can someone point me to a good resource as to how to make it work ?
> Depends on how small. I would say there is no particular payoff
> for LDAP until you get to somewhere between 10 and 100 machines,
> depending on what your userbase looks like.
> For example: if you use puppet, chef, ansible or any of the
> other configuration management tools, it's easy to distribute
> users with that, and you get to distribute /etc/sudoers and
> other things as well.
> If you need instant password changes across a fleet of machines,
> though, or you have a lot of people who all want to change their
> passwords regularly, LDAP is the way to go. Remember that nearly
> everything will be dependent on LDAP, so you need to have a
> minimum of three physical machines to serve it from.
> http://techpubs.spinlocksolutions.com/dklar/ldap.html might
> help you out.
This is also a good article