Here you find the description of a possible configuration of a mid- to big-size network infrastructure. This documentation is founded on the experience of maintaing the net infrastructure of the Institut for Strength of Materials on the Graz University of Technology. Beside the normal office stuff we are developing software and therefore here are services regarding to software development listed and described. We are using to Linux derivates, grml (of course ;)) and gentoo.
Prerequisites
Especially for Gentoo you should enable a few USE flags from the beginning on. Of course it's possible to ignore some of them if you won't use the whole configuration. So in /etc/make.conf you should have enabled the following USE flags:
USE="ldap kerperos ssl apache2"
Special USE flags required for single ebuild are discussed in the related section.
User management
User management mainly consits of the naming Service, the authentication mechanism and login including the session handling. Here I describe two solutions for the whole problem which can coexist and are both configured on our systems.
So the first point you have to decide is whether to use OpenLDAP or NIS. For me, this decision is really straight forward ;) I am using LDAP.
OpenLDAP
As already mentioned the service is responsible for the naming service. But of course it is also possible to use LDAP for authentication. And here you can find a possible configuration for using LDAP as naming and authentication service.
Server
Required Packages
gentoo
mueli@michael:~$ emerge -a net-nds/openldap
grml
mueli@michael:~$ aptitude install slapd
