NetworkAuthServer

Differences between revisions 3 and 4
Revision 3 as of 2006-11-05 20:14:35
Size: 2025
Editor: 207
Comment:
Revision 4 as of 2006-11-05 20:41:40
Size: 2392
Editor: 207
Comment:
Deletions are marked like this. Additions are marked like this.
Line 21: Line 21:
 * Dave
Line 22: Line 24:
 * provide single-sign on services for Linux/Windows/Mac OOTB
 * provide at least basic failover (e.g., OpenLDAP Master/Slave)
 * provide GUI user managment
 * provide a single home directory for each user that can be accessed from any Linux/Windows/Mac client

Packages:
 * smbldap-tools
 * slapd/FDS(?)
 * nscd
 * libnss-ldap
 * libpam-ldap

Please check the status of this specification in Launchpad before editing it. If it is Approved, contact the Assignee or another knowledgeable person before making changes.

Summary

Many schools we wish to deploy to manage their users and groups using LDAP. Currenly, Edubuntu doesn't fit into these environments easily, because we don't have automatic installation of tools that will enable this. If we wish to make a dent in these markets, we'll need this functionality.

Attendees

  • sbalneav, ogra, moquist, rwiederman, eharrison, rnovo, pschroeder, dtrask, jhaltom , jammcq, amitchell, stgraber (VOIP)

Rationale

Use cases

  • Dave

Scope

  • provide single-sign on services for Linux/Windows/Mac OOTB
  • provide at least basic failover (e.g., OpenLDAP Master/Slave)
  • provide GUI user managment
  • provide a single home directory for each user that can be accessed from any Linux/Windows/Mac client

Packages:

  • smbldap-tools
  • slapd/FDS(?)
  • nscd
  • libnss-ldap
  • libpam-ldap

Design

Properly integrate http://www.majen.net/smbldap/ which is used widely in k12LTSP setups for user and group management into edubuntu.

Package and install http://edsadmin.sourceforge.net/ as maintenance tool for the above server setup.

Implementation

Code

Data preservation and migration

Unresolved issues

BoF agenda and discussion

BoF Notes:

  • moquist has done much work on smbldap-installer, which installs and configures smbldap-tools with openLDAP. Prepend useradd, group tools with smbldap-, and CLI user management works as per normal. Goal will be to integrate smbldap-tools into edubuntu so it works out of the box.
  • For caching, we'll want to make sure nscd is installed.
  • For now, we'll only concern ourselves with dealing with other Edubuntu (smbldap-tools/openLDAP) servers. Feisty+1 we'll deal with true enterprise-level server considerations (e.g., failover) and AD integration.

* We may consider FDS instead of OpenLDAP; needs much discussion.

CategorySpec

Edubuntu/Specifications/NetworkAuthServer (last edited 2010-01-21 19:00:02 by 196-210-177-89-wblv-esr-3)