Next Integration Task(s)24 July 2005 · Filed in Information
With the majority of my Linux servers now authenticating against Active Directory, I’m now able to broaden my integration focus and work on some related tasks:
SASL2/PAM: I still have one server, running SASL2, that has not been switched over to the standard Kerberos/LDAP configuration. I’ll need to research the interplay between SASL2 and PAM before I tackle this one.
OpenBSD Authentication: I haven’t touched any of the OpenBSD servers yet for Kerberos/LDAP authentication.
VPN Authentication via RADIUS: I’d like to use RADIUS to handle some VPN authentication against Active Directory as well. I don’t anticipate this should be too terribly difficult, but it is something that is rather new to me.
Apache Authentication via Kerberos to AD: One of the documents that helped me in getting the pam_krb5 stuff working was for using mod_auth_kerb with Apache (more information also posted here as well). I’d like to deploy this for some select areas of our intranet and extranet sites, to add an additional layer of security on top of what is already present.
Of course, this is in addition to trying to establish an internal news server running INNd (and then migrating content from Exchange Server 2003 into this news server) and working on Squid log analysis tools. I’ll probably start investigating Squid authentication options as well, since that would be very helpful to my customers (especially if I can get the authentication to be transparent, or very nearly so). On top of that I have duties in church, work as a manager overseeing employees, and things to do as a dad. Whew! I often wonder if I am just not efficient with managing my time, or if I just have too much to do.Tags: Apache · Cisco · Interoperability · Kerberos · Microsoft Previous Post: Linux-AD Integration Wrap-Up Next Post: VPN Integration Done