Evaluating OES: Netatalk talking to eDirectory via PAM

Posted: 1 Jun 2005

Editor's Note: If you have any other questions on your mind as you evaluate Open Enterprise Server, please let us know and we'll do our best to track down the answers.

Jeff C. wrote: Unfortunately my organization still has a couple hundred Mac OS 9 clients. We currently are using an OES NetWare cluster to serve them. We would like to move the cluster to OES on Linux.

I have made a lot of progress using Netatalk to emulate an AFP file server with an OES on Linux cluster. So far I can share an NSS volume on a shared disk and I can give my users access to it by using LUM (kind of).

What I haven't been able to figure out so far is how to use eDirectory (LDAP) as the authentication source for the DHCAST128 UAM. Out of the box the Netatalk install is configured to use local PAM sources. Do we have an eDir/LDAP PAM module? Could there be a better way to do this? What about some failover/failback support?


Yes, we do have eDirectory LDAP PAM modules that come already configured in OES. We weren't aware that Netatalk was PAMified, but from your email it appears it is supposed to be. If it's not working, then it's probably because it's got some bugs. We have plenty of other modules using PAM LDAP in OES on Linux, which are all properly PAMified.

Netatalk was not tested as part of OES on Linux because the version included was done when the code locked down, and that version was not stable. (We're impressed that you got NSS to work with it...)

Maybe someone else has had some experience with this. Anyone have any suggestions for Jeff?

