Re: [PLUG] openldap certificates deployment considerations?

Jason Stelzer on 30 Dec 2009 11:57:41 -0800

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] openldap certificates deployment considerations?

From: Jason Stelzer <jason.stelzer@gmail.com>

To: "Philadelphia Linux User's Group Discussion List" <plug@lists.phillylinux.org>

Subject: Re: [PLUG] openldap certificates deployment considerations?

Date: Wed, 30 Dec 2009 14:57:36 -0500

Reply-to: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>

Sender: plug-bounces@lists.phillylinux.org

For what it's worth, I think you may be interested in kerberos + ldap. Yeah, I realize I'm probably adding something you're not familiar with into the mix, but IMO kerberos is easier to manage from the perspective of 'this host is trusted on the network, I will honor its ticket'. I know this isn't the most articulate email in the world; I'm a little rushed. Just have a look at the intro and overview at this link and decide if it fits the bill for you. http://wiki.debian.org/LDAP/Kerberos On Wed, Dec 30, 2009 at 1:56 PM, Mike Sheinberg <m.sheiny@gmail.com> wrote: > Hey all, > > I wanted some group feedback regarding painless (relatively) deployment of > an open-ldap server for use of authenticating some linux desktops and a mail > server. It seems the easiest method for me thus far is to utilize the Red > Hat Directory Server (aka 389 DS for CentOS) because it has a rather nice > GUI and takes a lot of the configuration details out of the deployment. > Luckily this project has very good documentation on the whole process but > I'm getting a bit stuck on the whole certificate process. Anyone know of any > good guides that will assist me in configuring my server to only allow > certified clients to connect (via SSL). I know this is a rather broad > question so I just need a good launching point, obviously theres still a lot > of reading I have to do. Consequently if there is an easier way for me to > accomplish this (I'm not against using an Active Directory server to > authenticate to) feel free to shoot that suggestion out there. > > Thanks! > Mike > > ___________________________________________________________________________ > Philadelphia Linux Users Group -- http://www.phillylinux.org > Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce > General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug > > -- J. ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug

References:

[PLUG] openldap certificates deployment considerations?
From: Mike Sheinberg <m.sheiny@gmail.com>

Prev by Date: [PLUG] openldap certificates deployment considerations?

Next by Date: [PLUG] Monitor Resolution

Previous by thread: [PLUG] openldap certificates deployment considerations?

Next by thread: [PLUG] Monitor Resolution

Index(es):

Date

Thread