Subject: | |
From: | |
Reply To: | |
Date: | Fri, 22 Jul 2016 09:45:15 +0200 |
Content-Type: | multipart/signed |
Parts/Attachments: |
|
|
Am 22.07.2016 um 01:11 schrieb David Sommerseth:
> Have a look at authconfig and sssd. The former should help configure
> all these things for you, including proper PAM setup as well as LDAP and
> Kerberos. For SSSD it is in particular helpful on laptops, where
> authentication data can be cached locally to be capable of offline
> authentication as well as caching enough information to automatically
> fetch a Kerberos ticket once the network access has been established.
I already had been using authconfig for sssd setup. Authentication (via
AD/ldap) and caching works well. I only need per user mounting of their
AD-directories and hadn't found a hint in the authconfig man page.
> And SSSD do have some support for handling the autofs/automount stuff too.
Ok, that seems the way to go. Through your tip I now found that there is
an autofs/automount via "ldap_autofs_*" in sssd. Let's see if I get this
set up.
> Otherwise, do have a look at the FreeIPA stuff too. There's a lot of
> good things in that package, which also doesn't require much resources
> on the server side. For clients, it gets even easier. You just need to
> install the proper IPA packages and run ipa-server-install or
> ipa-client-install, that's mostly all you need. FreeIPA also makes use
> of SSSD and authconfig under the hood.
Yeah, looks like good thing but afaics I would have to set up a server
for that. I think at first I have to get comfy with the basics in the
"red hatted" world (I am coming from a debianic and SUSE background).
Thank you for your hints!
Cheerz,
Lars
|
|
|