Centralized user/group/whatever management
Michael Osipov
1983-01-06 at gmx.net
Fri Mar 13 15:06:47 UTC 2020
Am 2020-03-13 um 15:31 schrieb Doug McIntyre:
> On Fri, Mar 13, 2020 at 04:19:23PM +0700, Victor Sudakov wrote:
>> Do you think there exists a modern solution for centralized user/group/...
>> management compatible with FreeBSD and Linux?
>
> I think the best combination is probably a Windows AD setup, with
> FreeBSD/Linux clients attaching to it. (Although I still do external DNS
> importing the AD objects into it, really can't stand windows DNS).
>
> This does work really seamless, the GUI tools are well utilized.
>
> It really gets you the hard part (LDAP, Kerberos) in a pretty easy to
> use package. I don't know how many hours I've spent on OpenLDAP
> getting it to work with things, and management packages for OpenLDAP
> are pretty sucky overall.
I agree here with Doug, as strange as it sounds, Samba is your best bet.
When you provision your domain you shall enable the POSIX extensions. It
will create all GECOS stuff. pam_winbind is also nice.
One must simply admit that Active Directory is a wellthought system not
just for Unix. You may join your machines either with Samba, more easily
with msktutil (disclainer, I am a maintainer) with works flawlessly on
FreeBSD.
Michael
More information about the freebsd-questions
mailing list