Generally, in my experience, the difference comes from the way PADL nss-ldap and pam-ldap packages are built, which determines where the configuration files should be.
If you can, I'd try to standardize on sssd, which seems to be more stable and have better compatibility for newer version of Active Directory. If you are force to use nss-ldap and pam-ldap then you have, IIR, three or four configuration files that you need to manage which may be in three or four places. IIR, I ended up putting multiple copies of the configuration files in any place that they might be needed (symlinks actually) for easier deployment on multiple OSs. On Wed, Oct 1, 2014 at 8:41 AM, Morgan Blackthorne <[email protected]> wrote: > So we use an Active Directory system to consolidate user accounts, and > point our Linux boxes at our domain controllers via LDAP. Common scenario, > right? What's confusing me is the multiple ways that you can configure LDAP > client on various Linux systems. As far as I can tell there's: > > 1. Debian / Ubuntu - libpam-ldap / libnss-ldap > 2. RHEL 5 - nss_ldap > 3. CentOS 5 - openldap-clients > 4. RHEL 6 / CentOS 6 - SSSD > 5. Oracle Linux - ?? (not sure but I assume it more closely follows > RHEL) > 6. Amazon Linux - nss-pam-ldapd > > As far as I can tell, SSSD is not available for Amazon Linux. And yet it's > a different configuration setup than any of the other systems. This is the > newest addition; I was hoping I could configure it either via SSD or like > RH 5, but it's looking to be its own special snowflake. *sigh* > > How do you all manage things, or are we just really abnormal for running > such a mix of OSes? We've been working to get everything into Chef, and I'm > refactoring the LDAP setup piece to be its own cookbook for clarity's sake, > and ideally would like to simplify the configuration into as few different > options as possible. Suggestions very welcome. > > -- > ~*~ StormeRider ~*~ > > "Every world needs its heroes [...] They inspire us to be better than we > are. And they protect from the darkness that's just around the corner." > > (from Smallville Season 6x1: "Zod") > > On why I hate the phrase "that's so lame"... http://bit.ly/Ps3uSS > > _______________________________________________ > Discuss mailing list > [email protected] > https://lists.lopsa.org/cgi-bin/mailman/listinfo/discuss > This list provided by the League of Professional System Administrators > http://lopsa.org/ > > -- Perfection is just a word I use occasionally with mustard. --Atom Powers--
_______________________________________________ Discuss mailing list [email protected] https://lists.lopsa.org/cgi-bin/mailman/listinfo/discuss This list provided by the League of Professional System Administrators http://lopsa.org/
