Ottawa Valley SAGE

Providing a forum since 1998

Apr 21, 2002 - 1 minute read - Comments

Centralized password databases.

Aloha!

I’m looking to co-locate a server that will act as a web and mail
server. I’ve currently got a server on my LAN doing this, but I’m
soliciting advice on how best to achieve a centralized authentication
scheme once it’s moved.

Ultimately I’d like to have users able to set their passwords using
one mechanism that is tied to a database shared between both the co-lo
server and any servers running here.

I’m shying away from anything that depends on realtime
synchronization, because my home link might not always be up, and I
don’t want authentication to be tied to the availability of my link.

I’m tending towards an rsync of the shadow/password files, or a custom
script that merges password change differences for entries in the
password database.

I could also do something like move to MySQL, or LDAP and replicate
the databases every so often.

Anyone have any ideas?

It is possible to have completely seperate passwords for the new co-lo
box, but that means that users need to remember, and manage at least
two sets of passwords.


Adrian Chung (adrian at enfusion-group dot com)
http://www.enfusion-group.com/~adrian
GPG Fingerprint: C620 C8EA 86BA 79CC 384C E7BE A10C 353B 919D 1A17
[toad.enfusion-group.com] up 29 days, 6:29, 16 users

April Meeting Announcement Re

comments powered by Disqus