Comment on User management
notabot@lemm.ee 1 year ago
I use an LDAP server, as it’s pretty much designed for exactly this task. You can tell PAM to authenticate and authorise from it to manage logins to the physical machines, and web apps typically either have a straightforward way to use LDAP, or support ‘external’ auth, with your web server handling the authentication and authorisation for it.
OpenLDAP is a solid, easily self hosted server. If you like working from the shell it has everything you need. If you prefer a GUI there are a variety of desktop and web based management frontends available.
lal309@lemmy.world 1 year ago
I’ve been toying with the idea of standing it up. Any recommendations for the GUI side?
vegetaaaaaaa@lemmy.world 1 year ago
I use openLDAP + LDAP Account Manager and Self-service password. Deployed/managed thorugh this ansible role
lal309@lemmy.world 1 year ago
Well…. you just blocked off my calendar for the weekend!
notabot@lemm.ee 1 year ago
I confess I normally work from the command line, but I have set up LDAPAdmim for projects where others needed to manage the directory, and it worked pretty well.
lal309@lemmy.world 1 year ago
I got ya. Took a quick look at that link and it looks like the client is Windows specific which is frowned upon and permanently blacklisted in this house!!!
Still, I appreciate the reply
notabot@lemm.ee 1 year ago
That’s what comes of late night posting, I’d meant to link you to PHPLDAPAdmin, not LDAPAdmin! It’s written in PHP, which isn’t lovely, but it does it’s job.