web-based ldap user administration

Tony Shadwick tshadwick at goinet.com
Thu May 19 08:45:15 PDT 2005


Hm....I've worked quite a bit with Webmin and Usermin in the past, and 
I've found most problems can be worked around by reconfiguring a specific 
module.

What do I mean?  I don't have a webmin installation currently, but I had a 
site that was NIS and I had a unix-know-nothing that wanted to be able to 
add and remove users.  I set up webmin to look not at /etc/master.passwd, 
but /var/yp/master.passwd.  Worked beautifully.  The only thing he 
couldn't see were local accounts (root and system accounts).  Worked like 
a charm.

If the webmin password manager isn't doing what you want it to do, you can 
probably just write a small shell or perl script that does what you want 
from the command line, and tell webmin to use that instead.  That way you 
can still have it update your samba passwords too.

As a side note, i've been looking to learn how to use openldap for auth to 
go along with what I know about NIS.  Could you suggest some good reading?

Tony

On Thu, 19 May 2005, Benjamin J Doherty wrote:

> Friends,
>
> Now that I've successfully assembled my LDAP enabled FreeBSD machine with 
> pam_ldap and nss_ldap, I'm looking for a way to allow users to administer 
> their accounts through a web browser.  Webmin and Usermin appear to be 
> excellent candidates except for the fact that they don't appear to support 
> FreeBSD and OpenLDAP.  Webmin doesn't have an option to use SSHA password 
> hashing when creating an account, and all of its supported hashing mechanisms 
> don't equal the actual authentication process' hashing mechanism. Usermin 
> (probably for the same reason) can allow a user to change a password but 
> changes the password to something besides what the user wanted, effectively 
> disabling his account.  Usermin offers a huge advantage in that it also can 
> change a Samba account password at the same time (though I don't know if it 
> will change an LDAP password out of the box).
>
> Are there other options in the ports tree that actually work?  Is there a 
> simple way to get Webmin and Usermin to work?
>
> Cheers,
>
> Benjamin Doherty
> chicago
>
>


More information about the freebsd-questions mailing list