Definetly the weirdest LDAP management tool

Tuesday, February 21st, 2012

Its called ldapvi, and its just about what you’d expect with that name :-). The author would like you to think about it as vipw for your LDAP based authentication, and in addition to a few command line option it really isn’t much more then that (UI-wise):

(more…)

LDAP authentication on Fedora 16 (and why it sucks)

Thursday, February 16th, 2012

In my company we (still) use an Active Directory domain controller to manage central authentication(1), which is not set up very well – no SSL and the Kreberos setup is not done properly. This makes gives much trouble to modern Linuxes (e.g. not Ubuntu. yes – I’m looking at you Shuttleworth.)  such as Fedora, as Fedora have done away with NSS/PAM based LDAP authentication and instead relies on SSS – which I have yet managed to get working or even find a tutorial on how to set it up properly.

So if you still want to authentication your Fedora installation against the company’s Active Directory – and can’t/won’t rely on Winbind’s notably flaky behaviour, you can always install NSS/PAM ldap authentication manually. Unfortunately its not as easy as it sounds, and as I learned the hard way – one must pay careful attention to SELinux. So here’s the recipe:

(more…)


  1. there are a lot of MS-Windows workstation, so it kinds of makes sense – but we are planning to phase it out in favour of OpenLDAP, so don’t worry about it []

Spam prevention powered by Akismet