Okay, the Wednesday deadline is practically here,
and I am done with the work.
Have a nice day everyone,
-doc
Here's the status of the TODO tasks I listed in the previous mail,
for those who want the details:
- Print friendly message to users running passwd instead of kpasswd:
I had an idea to do this with pam_echo, but this module is no longer
included in the PAM distribution. There are three solutions (please
state your preferences):
- manually add this module
- use other means of educating users to use 'kpasswd'
- make 'passwd' work on the kerberos password by default
- Start adding test users to LDAP
This works, I have one test user and it works perfectly, including
host control (which hosts the user can connect to). To add a bunch
of users (transfer Fyodor's /etc/{password,group,shadow} files),
I will use PADL Software's migrationtools that will do it all
automatically and at once.
- Wiki page describing what files get checked, what files
are the right place to add what kind of access controls, how to
connect to LDAP.
I've updated http://wiki.hcoop.net/wiki/NewServersSetup with
the information.
- Script for adding users in ldap+kerberos that does everything
automatically.
This is not critical now that I've reminded myself of
migrationtools. For the future, I will however write some
script to do this.
On a related note, passwords which are now MD5 can't be
transferred to Kerberos, so please give opinion on how to
distribute new passwords to users.
- PAM's mkhomedir module for automatic homedir creation
Can easily be added but we won't use it since we'll integrate
AFS into the scene.
_______________________________________________
HCoop-SysAdmin mailing list
[email protected]
http://hcoop.net/cgi-bin/mailman/listinfo/hcoop-sysadmin
