Networking :: Centralized Authentication For Existing Network ?
Apr 29, 2010
This is what I have... An existing network with about 2 dozen Linux servers, varied distros, and about 3 dozen workstations, the vast majority of which are Windows XP pro, but there is one Windows Vista business, two Ubuntu, one Mac, and soon to be a Windows 7 pro. User accounts vary across all servers. There are 4 samba servers hosting different file shares.
This is what I need to do... I must centralize the user password database for all workstations if possible, if not, at least for all the windows workstations. I also need the user passwords for the samba file shares to be synchronized with those of the workstations. I need to have the workstation/file-share passwords expire every 90 days. I also must centralize the user passwords for all Linux Servers, but this can be done separately and I know there are tools like Kerberos available for this.
Is this possible to do with so many user accounts already existing in so many different places on the network, or would this "centralized authentication" require new user accounts to be created across the network?
If this is possible, what tools/services are the easiest and fastest to set this up with? As usual, I have an urgent deadline looming over me for this project and am trying as hard as I can to avoid the company slipping back into the realm of M$ or other proprietary software to accomplish this. Keep in mind, I don't need any additional services, such as roaming profiles, or anything like that. I really just need a centralized password database that can be referenced by Windows, and the Samba file shares.
I have been able to accomplish my goal of creating an AD-like authentication using LDAP, SAMBA and LAM. From what I have seen you can have this type of setup but it doesn't allow the passing of group policies to the desktops of the users.
A while ago I was trying to implement a Linux PDC server with Samba and OpenLDAP for centralized authentication for Windows and Linux clients, but I can NOT get it. So I read somewhere that there is another option called Directory Server and maybe that is possible to do. According to your experience, do you recommend any 'how to' or 'tutorial' that will permit implementing a PDC server for authenticating and sharing files and printers for Windows and Linux clients?
Is it possible/advisable to have centralized authentication across fedora 14, ubuntu 10.04, and win7 machines? I'm attempting to use 389 Directory Server on Fedora as the repository and not getting very far.
I'm new to networks and servers, been using Linux on the desktop for a while now but always relied on the company's IT guy for setting up everything LAN-based.
Now I want to build up my home LAN, and want to do it with Linux. I've managed to set up LAMP and file share servers.
What I am looking for is information on what I need, and how to set up a server for the following tasks: Centralized Username and Password, that when the user logs into any one of the desktops in the LAN, it uses this for authentication
Something that allows this authentication to be utilized in other servers (file access, web access, router logging, etc.). Something to make it easier for continuing permissions from one service to another. e.g. I have IPCop filtering content, and it has provisions for tracking who is making which request if there is authentication going on. (optionally) to run a script for mounting Samba shares or mapped network drives so from one system to the next. For example, in whatever box somebody logs in, it mounts a server share ("smb://Myserver/users/<username>") to a local folder ("my_user_share").
So; user "fred" = "smb://Myserver/users/fred" and user "wilma" = "smb://Myserver/users/wilma" but both would find their respective one mounted under "~/my_user_share". This would be irrespective of which box they are logging in with. If the server share location changes (new server/servername), I change it on the server so the next time they log in it points to the right place.
I guess it is similar to Windows Active Directory, though I'm not sure what it's called, how to configure it and what it is and is not capable of doing.
I would like to build a centralized address book for my SOHO server. Is that possible without the use of openLDAP (I would like to avoid that)? My clients will be: Thunderbird, KMail (for KDE 3.5) and webmail. If so, do you have any suggestions/Howtos?
I have an existing network that connects to the 'net via a Linux-based firewall. That system has two ethernet interfaces: one to the DSL modem and the other to the internal switch. Future plans were for adding a second "internal" interface with the idea of moving servers into that (think DMZ). But while I was planning for that, the missus has decided she wants to pick up a Windows laptop and would like to be able to use it wirelessly at home. I have access to a (free!) Netgear WGR614L and was hoping it would work. Unfortunately, I'm unsure how to add the wireless capability to our network.
Questions:
Is it best -- or even possible -- to use one the wireless router for this?
Is it possible to merely hang the Netgear router off the internal switch and set it up for the wireless users? Or...
Would I need to add another ethernet interface to the firewall and hang the router off that? The address of this new interface would act as the default route for the wireless users. Then I'd need to (I assume) add more rules to the iptables configuration to deal with the new network. (I sort of like this option -- if it's actually feasible -- as I can easily shut down any wireless access by logging into the firewall and stopping the interface connecting the wireless router.)
I've taken a look at the setup guide on the CD that came with the router and it assumes that you have a modem connecting your PC to the internet. The instructions have you placing the wireless router between the modem and that PC. For our network, that would have the wireless access coming into the "dirty" side of the firewall. (Not what I would like.)
I am an undergraduate student doing some work in Cambridge, MA on NS2. As my project/paper relates to simulating different types of applications like FTP, RTP, and SIP, as they relate to commercial products (VoIP, email, bittorrent, http) and congestion, I was wondering if anyone knows of any simulation models already available besides the example ones released by NS2 and the contributed code found at [URL]. Also, does anyone know of any tcl scripts that simulate specific applications (including the transport layer and Internet layer)? I am using Ubuntu 10.04 LTS and NS2 2.34
I have a client that has a basic network that uses Comcast cable. He bought a NETGEAR N300 wireless router which has a 192.168.3.X network and he attempted to add it to his 10.10.10.X network and all is fine. His laptops and such can get to the internet fine. The issue is he cannot get to any of his devices on his 10.X network. I have looked at his Comcast router, which is controlling his 10.X network, to see if I can add additional routing to his 192.X network, but didn't see anything. I also am not too familiar with the N300 wireless router. I was going to have the wireless DHCP turned off and somehow get it to pull the DHCP stuff from the Comcast side but don't see any area to do this.
I have already managed to connect to my corporate wireless network which uses WPA Enterprise/PEAP along with an identity and a password using my *Android* phone.
Unfortunately, I am unable to do so via Ubuntu 10.10 on my laptop. The issue that I observe is that the 'Wireless Security' tab of network manager has 3 options MSCHAPv2, MD5 and GTC for Inner Authentication. But there is no option for 'None' - which is what my Android phone specifies.
I tested whether this difference was responsible by explicitly specifying these 3 authentication options on my Android phone and with any of the 3 selected, the wireless connection was unsuccessful. So I confirmed that this phase2 or inner authentication needs to be set to None in order to be successful. But network manager doesn't seem to allow a none or empty option. Should I open a bug on this?
Do I need to manually setup wpa_supplicant.conf and /etc/network/interfaces ? The latter is a long winded procedure and I am uncertain about the 'side-effects' it can have with the network manager applet.
My work has got a new Sharp MX-1800N network printer. The setup requires user authentication, one password for printing b&w, another for printing color. However when they try to set up my netbook running Ubuntu desktop 10.04 they don't get it to prompt for a password, which makes the printer reject the printout. How do you fix this?
I have to set up a WiFi network for a hotel. There are several possibilities, but for me the best one is to set up an open WiFi network with web authentication for single users. What is the best solution in terms of compatibility, security, reliability, etc? I don't know many solutions for web authentication, only the RADIUS project.
I have been trying to wirelessly connect to my network for weeks now. My Netgear dongle is fully working. I have installed the driver using ndiswrapper. I can see my network and signal is excellent; everything is working perfectly. When I try to connect it thinks about it but never connects. The password is fine; it works great with other computers. Decided to have a go with wicd, so got rid of the Gnome network manager and installed wicd. Adaptor and wicd appear to be working brilliantly EXCEPT I cannot connect. wicd tells me it's a bad password. Password fine because it works brilliantly with every other device I connect to my network. If I remove security from network, it tells me it cannot get address, even though it sailed past that with no problem when there was security. I have searched the internet for a solution to this problem time and time again. Lots of people seem to be having this problem, but no one knows the solution. Is there a solution? It happens with both Ubuntu 10.04 LTS v1 v2 and Ubuntu 11.04. What the heck is going on? This happens with WPA, WEP and anything else I try to use.
I've been using Fedora 11 for a few months now and suddenly today after I booted up Fedora, network authentication (the little icon that lets me choose wifi networks) isn't showing up in the upper right hand corner, which isn't that big of a problem, but the fact that it's on start up applications and its not wondering is what I'm wondering about, but on top of that my internet doesn't work at all. It will work for a little bit after boot then die, and when I go to network authentication and network manager no wifi networks show up, and I have about 5 around my house not including my own, which is also what I've been wondering.
I have an existing unix user that somehow didn't make it into the copy over to our LDAP server. How do I add an existing unix user to an existing LDAP directory? Will ldapadd work? I was under the impression ldapadd required an ldif file to work properly.
I have created a CA on my server, then created a server certificate under that, then exported it as a common server certificate. I have then gone to my LDAP server and enabled TLS and told it to use the common server certificate. Now on my client I have enabled LDAP TLS/SSL and it's asking me to download a certificate ... from where? Do I export the certificate to a file and put it on a web server? If so, what format, as the export offers loads?
I'm trying in the company where I work to persuade my co-partners to move slowly into the world of Linux, but because everything is set up on Windows it is quite difficult. Though I can install at least on one PC openSuse or Ubuntu (I prefer openSuse), the problem is that I have to find a way to make the authentication to a Windows Domain, which is running Windows Server 2003.
How is this possible? Is this procedure painless or do I have to read a lot of stuff in order to make it work? I would be obliged if you could give me some steps on how to do it. I can't stand Windows any more.
I'm using openSUSE 11.1 and would like to authenticate vsftp users against a mysql database. The newest version of pam-mysql I can find is from 2005. I'm concerned about using something from what appears to be a dead project. Is there an alternative? I'm trying to come up with a solution where I can manage FTP users from an application running from Windows desktops.
At the moment I am configuring a test environment with 1 Microsoft Active Directory server and 1 openSUSE 11 Samba file sharing server. But I have an issue. The Samba server is added to the domain and the servers can communicate with each other. I can log in to the domain on the Samba server and the LDAP settings tab on the yast2 Samba configuration tool tells me that Samba and the MS LDAP server can communicate with each other. I can see the shares on the Samba server but I can't authenticate myself. When I want to log on, I always see "domain: domainname.local" and "access denied". My question is now how can I give the MS administrator account rights to view the shares and configure the rights for the other users. Samba config file
I would like to use a wireless network from Ubuntu. In the network drop-down menu I select a network (this is a University network; I have an account there). Then I get a window with the following fields:
I put there my user name and password and do not change the default value and leave "Anonymous Identity" blank.
As a result of that I get "Authentication required by wireless network". How can I solve this problem?
I think it is important to notice that our system administrator tried to find some files (which are probably needed to be used as "CA Certificate"). He said that he does not know where this file is located on Ubuntu (he supports only Windows). So, probably this is the direction I need to go. I need to find this file. But maybe I am wrong. Maybe something else needs to be done.
Migrating whole Corporate Windows stations to Ubuntu which is a huge thing so I'd like to do it right and as painless as possible to users.
Here's how it's done now: Main server are already running Linux for years with DHCP, DNS, IMAP, Postgres and SAMBA.
Windows machines are part of Samba PDC and when user logs in, Windows connects to the user profile on Samba server. When user logs out and logs to another computer, he/she has the same files and settings. Basically, nothing is held on local stations.
All printers on the network are printers with network cards, so they are not attached to any computer. The right printer is set with cmd script when user logs in, which makes it possible to make other printer as default if one is faulty.
I have more than 150 Linux desktop computers in my office IT setup.
I want to configure LDAP centralized network authentication for all the desktop computers.
My requirements are mentioned below.
The LDAP server will only authenticate the desktop computer at log-in time when the user starts the computer.
The home directories of all the users should be created on their local desktop computers, not on the LDAP server.
And flexibility of user log-in for every desktop (any user can log in to any computer with his/her username and password), and the home directory will be created automatically on the local desktop computer the moment any user logs in to any computer in the network, and the LDAP server will authenticate the desktop-network log-in to the computer.
I want to set up a centralized log server, and I have several requisites:
1. The ability to view multiple log files via a web interface or browser.
2. The server's ability to send e-mails to the administrators when a critical condition occurs within the log files.
The logcheck application seems like a good start. However, it does not have a web gui so I was wondering if anyone can recommend a program that either works with logcheck or has the above two requisites on its own.
I'm extremely new to SuSE Linux. I wanted to move away from Windows and so I decided to reload my Desktop with SuSE Linux. I have had no trouble until now. I'm trying to connect to my work VPN connection. From my laptop (which unfortunately is Vista) I'm able to connect without any issues. However, when I tried out the KVPN application on my SuSE Linux, it just doesn't work. I get the error: Authentification has failed. As a side note, when I type ping google, the packets are received 100% but when I ping my company address, no packets are received. Hope this info is useful.
I set up the 'Proxy' from Yast and they tested successfully. I can connect to internet, but why am I getting 'ERROR 407 proxy authentication required'?
FYI, my comp is the part of company .NET network with bunch of firewall and security...
I am posting this as I have tried several times to work this out. I have read article after article, post after post and tutorial after tutorial to sort this issue. I have an Ubuntu 10.04 machine running as the LDAP and NFS server with two openSUSE 11.3 desktop machines. Both of the openSUSE machines can log in using the LDAP server for authentication and this works fine. The server also exports the NFS shares no problem but I am unable to mount the shares from the openSUSE machines. I have been using Yast, NFS Client to mount them.
Yast NFS Client can see the shares and lists them however when I apply the settings it states:
'Unable to mount entries in etc/fstab' I need to mount the shares according to the LDAP details as I want the users to be able to access their files no matter which machine they log in at. Can anyone shed any light on the issue? Any help would be great and I would be eternally grateful as I am now beginning to pull my hair out slightly.