HPE Community
Operating System - Linux
1827479 Members
2445 Online
109965 Solutions
New Discussion

Re: Login Control

 
ivychung2
Frequent Advisor

‎02-21-2006 06:31 PM

‎02-21-2006 06:31 PM

Login Control

We have 5 servers in our system , there are different application in each server , now the user need to login into different servers for these application , so they have to remember 5 different user login/password , if I want the simplify the login , can advise what function / software can more better to control the user login and easy for management ? does LDAP is the best choice ? thx
0 Kudos
Reply
11 REPLIES 11
Vitaly Karasik_1
Honored Contributor

‎02-21-2006 06:45 PM

‎02-21-2006 06:45 PM

Re: Login Control

IMHO, for configuring LDAP in LINUX is still needs work hard.
Old NIS ("Yellow Pages") will do it work for 5 machines and you can set up NIS server in 0.5 hours.

For start:
http://www.tldp.org/HOWTO/NIS-HOWTO/setting_nis.html What do you need to set up NIS?


Rgds,
Vitaly
PS: and don't forget about *points*! :-|
0 Kudos
Reply
ivychung2
Frequent Advisor

‎02-21-2006 07:07 PM

‎02-21-2006 07:07 PM

Re: Login Control

thx reply ,

Do you mean NIS is also a good choice for login control ? I have ever use it , is it easy management and have the same functionality with LDAP ? thx
0 Kudos
Reply
Dineshkumar
Advisor

‎02-21-2006 08:21 PM

‎02-21-2006 08:21 PM

Re: Login Control

Hi

For 5 servers NIS setup should be ok.
Among them one machine can act as NIS master server and you can migrate existing unix user to nis user

Regards,
Dinesh

RHCE# 807303594707347
0 Kudos
Reply
Vipulinux
Respected Contributor

‎02-21-2006 08:35 PM

‎02-21-2006 08:35 PM

Re: Login Control

Hi

What OS are you using? On redhat LDAP would be the best choice but looking at your env as you just need central logins on 5 server's NIS should work for you and its easy to configure as well.

For LDAP check this out:
http://www.redhat.com/docs/manuals/enterprise/RHEL-4-Manual/ref-guide/ch-ldap.html

For NIS: use the linuxhomenetworking link provided in earlier post.

Cheers

0 Kudos
Reply
Vitaly Karasik_1
Honored Contributor

‎02-21-2006 08:57 PM

‎02-21-2006 08:57 PM

Re: Login Control

> is it easy management and have the same functionality with LDAP ?

NIS provides you with a single users/passwords database, so your users will be able to use the same username/password on all machines.
If you need more, please provide more details about your requerements.
0 Kudos
Reply
ivychung2
Frequent Advisor

‎02-21-2006 09:13 PM

‎02-21-2006 09:13 PM

Re: Login Control

thx reply ,

Do you mean LDAP is for a lot servers and NIS is for relative smaller no of servers ?
thx
0 Kudos
Reply
ivychung2
Frequent Advisor

‎02-21-2006 09:25 PM

‎02-21-2006 09:25 PM

Re: Login Control

thx reply,

I use RH Linux , now we only have 5 servers but maybe expand to 10 later , I want user have one single login/password , and only need to login to one of these server ( ldap server ) then can use all applications in different server , if so , is LDAP better than NIS ? thx
0 Kudos
Reply
Vitaly Karasik_1
Honored Contributor

‎02-21-2006 09:34 PM

‎02-21-2006 09:34 PM

Re: Login Control

LDAP is more scalable and secure than NIS.

If you already have MS Windows domain in your company, you already have LDAP (== Active directory) and by using AD for central user authentication you can intergrate Linux & MS Windows.

But LDAP configuration is still (IMHO) more complicated than NIS, you can build NIS very fast.
0 Kudos
Reply
Vitaly Karasik_1
Honored Contributor

‎02-21-2006 10:07 PM

‎02-21-2006 10:07 PM

Re: Login Control

>and only need to login to one of these >server ( ldap server ) then can use all >applications in different server , if so , >is LDAP better than NIS ?

Good idea, but it's not so easy to implement. The keyword for this is "single sign on". There are several solutions for this, but it's not trivial.

With NIS/LDAP authentication you just can use the same username/password for on all servers. In fact, after login to one of the servers you can user passwordless "ssh" for running applications on other servers.
0 Kudos
Reply
Vipulinux
Respected Contributor

‎02-21-2006 10:27 PM

‎02-21-2006 10:27 PM

Re: Login Control

Hi

MY idea is to have NIS if the no. of server's is less than 30-40
If more go for LDAP.

Looking at your scenario i think u should go for NIS

Cheers
0 Kudos
Reply
Ryan Frank
Advisor

‎02-23-2006 12:45 AM

‎02-23-2006 12:45 AM

Re: Login Control

I think it really depends on your requirements... Are these machines going to be production? if so they will probably be audited, and NIS does not provide a security auditors are happy with... You may want to look at NIS+ or LDAP... If you have a Windows AD infrastructure you could use Vintela to authenticate to the domain... or you could configure LDAP...

As everything seems to be pointing to LDAP for the future or authentication (in some way shape or form) I would work on the LDAP solution... This way you have it under your belt when things need to expand...

-Ryan
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.