[geeks] single sign-on, centralized auth

[Matthew Braun]

> Message: 5
> Date: Thu, 18 Jul 2002 22:59:16 -0400
> From: Ryan <mattyml at daemons.net>
> To: geeks at sunhelp.org
> Subject: Re: [geeks] single sign-on, centralized auth
> Reply-To: geeks at sunhelp.org
>
> LDAP is great for this.
>
> Kurt Huhn wrote:
> > My first research project at $job fell into my lap while trying
> to get my VPN
> > tunnel setup today.  What I've got to do is come up with a way
> to centralize
> > the authentication.  I'm looking for somthing to centralize
> UIDs, GIDs, and
> > work across Solaris, Windows, Linux, etc.
> >
> > Any ideas?  The only thing I've used before was RSA ACE/Server,
> and that costs
> > $$$$...

Perhaps looking at Microsoft Windows Services for Unix
(http://www.microsoft.com/windows/sfu/default.asp) might be a helpful source
of info. See if you can get some information on what extensions they've
added to the AD to be unix-authentication friendly. You might just be able
to copy the entire Unix-modified schema into an iPlanet (or whatever) DS and
fake out the NT boxes that expect to contact a directory service.

I'm probably going to use this solution directly at home (yes, I run Win2k
Server so that my Windows boxes feel happy) but I've been waiting for my
copy [1] so I'd like to hear about others experiences.


[1]: It's only $99 (in some places $79). Wow. That's cheap. It's almost as
if they want to get more people who use Unix to use Windows... But that's
just the liquor talking.


===========[b l i x]============
"I live in a giant bucket"
================================