Central access control system for Linux - Redhat

This is a discussion on Central access control system for Linux - Redhat ; Hi All Hope you be well and everything goes wonderful. I'm wondering if there is any solution for Linux systems, desktop and servers, which provide central(enterprise) access control system. A major feature which people are looking for is central control ...

+ Reply to Thread
Results 1 to 4 of 4

Thread: Central access control system for Linux

  1. Central access control system for Linux

    Hi All

    Hope you be well and everything goes wonderful.

    I'm wondering if there is any solution for Linux systems, desktop
    and servers, which provide central(enterprise) access control system.
    A major feature which people are looking for is central control over
    portable media access of users and workstations.

    Looking forward to your reply

    Cheers
    --
    Mehdi Sarmadi

  2. Re: Central access control system for Linux

    msarmadi@gmail.com wrote:
    > Hi All
    >
    > Hope you be well and everything goes wonderful.
    >
    > I'm wondering if there is any solution for Linux systems, desktop
    > and servers, which provide central(enterprise) access control system.
    > A major feature which people are looking for is central control over
    > portable media access of users and workstations.
    >
    > Looking forward to your reply
    >
    > Cheers
    > --
    > Mehdi Sarmadi


    Welcome to Kerberos for authentication, and LDAP for account management. Not
    only are these well-supported technologies in the Linux and UNIX world, they
    are 2 of the four underlying technologies of Active Directory. (The other two
    are DNS and DHCP.)

  3. Re: Central access control system for Linux

    On May 3, 1:49*am, Nico Kadel-Garcia wrote:
    > msarm...@gmail.com wrote:
    > > Hi All

    >
    > > * Hope you be well and everything goes wonderful.

    >
    > > * I'm wondering if there is any solution for Linux systems, desktop
    > > and servers, which provide central(enterprise) access control system.
    > > A major feature which people are looking for is central control over
    > > portable media access of users and workstations.

    >
    > > * Looking forward to your reply

    >
    > > Cheers
    > > --
    > > Mehdi Sarmadi

    >
    > Welcome to Kerberos for authentication, and LDAP for account management. Not
    > only are these well-supported technologies in the Linux and UNIX world, they
    > are 2 of the four underlying technologies of Active Directory. (The other two
    > are DNS and DHCP.)


    Nico Kadel-Garcia

    Thanks for the reply. You must be a MS fan

    You know, variety of authentication mechanism is possible using some
    network information service like LDAP or NIS+. Moreover you can do
    what-ever you want with LDAP on the network: set the user's desktop
    background and home directory(on a network FS), put a new handmade
    custom network information service, or application required
    information services, etc. However all of them need a client agent on
    workstations to make workstations affected.

    As of LDAP, it is raw and could give the network information system
    lots of capabilities, which is great using GOsa wonderful
    tool .Although, it needs a client on workstation that could apply the
    policies like MAC, Linux Access Lists/Controls, pam_group/pam_mount
    and so on. P.S. Those which I need is not controlling access to the
    network, I'm looking for something which I could replace with MS
    Active Directory. Not all of the features are needed like DNS/DHCP but
    integration is a highly required feature.

    I'm looking for some projects which have done the client side agent,
    too. Moreover made it open to add other customized capabilities/
    features.

    Any other clues?
    Cheers
    --
    Mehdi Sarmadi

  4. Re: Central access control system for Linux

    msarmadi@gmail.com wrote:
    > On May 3, 1:49 am, Nico Kadel-Garcia wrote:
    >> msarm...@gmail.com wrote:
    >>> Hi All
    >>> Hope you be well and everything goes wonderful.
    >>> I'm wondering if there is any solution for Linux systems, desktop
    >>> and servers, which provide central(enterprise) access control system.
    >>> A major feature which people are looking for is central control over
    >>> portable media access of users and workstations.
    >>> Looking forward to your reply
    >>> Cheers
    >>> --
    >>> Mehdi Sarmadi

    >> Welcome to Kerberos for authentication, and LDAP for account management. Not
    >> only are these well-supported technologies in the Linux and UNIX world, they
    >> are 2 of the four underlying technologies of Active Directory. (The other two
    >> are DNS and DHCP.)

    >
    > Nico Kadel-Garcia
    >
    > Thanks for the reply. You must be a MS fan
    >
    > You know, variety of authentication mechanism is possible using some
    > network information service like LDAP or NIS+. Moreover you can do
    > what-ever you want with LDAP on the network: set the user's desktop
    > background and home directory(on a network FS), put a new handmade
    > custom network information service, or application required
    > information services, etc. However all of them need a client agent on
    > workstations to make workstations affected.


    Well, yes. Most of the clients are built-in for Kerberos, LDAP, and NIS/NIS+.

    > As of LDAP, it is raw and could give the network information system
    > lots of capabilities, which is great using GOsa wonderful
    > tool .Although, it needs a client on workstation that could apply the
    > policies like MAC, Linux Access Lists/Controls, pam_group/pam_mount
    > and so on. P.S. Those which I need is not controlling access to the
    > network, I'm looking for something which I could replace with MS
    > Active Directory. Not all of the features are needed like DNS/DHCP but
    > integration is a highly required feature.


    Like I said, for Linux workstations, it's mostly built-in if you use a
    reasonable server.

    > I'm looking for some projects which have done the client side agent,
    > too. Moreover made it open to add other customized capabilities/
    > features.
    >
    > Any other clues?
    > Cheers


    Do you need authentication alone (plain Kerberos), or
    account/machine/configuration management (such as user's real user names,
    uids', etc., which requires LDAP or NIS)?

+ Reply to Thread