Red Hat APPLICATION STACK 1.2 RELEASE User Manual, Page 33

Chapter 7. Security and Authentication
This chapter covers behavioral changes for security and authentication, including SELinux, SSSD,
LDAP, Checksums, and PAM.
7.1. SELinux
The sshd daemon is now a confined service.
7.2. SSSD
SSSD (System Security Services Daemon) offers access to remote identity and authentication
mechanisms, referred to as providers. It allows those providers to be plugged in as SSSD back-ends,
abstracting the local and network identity and authentication sources and allowing any kind of identity
data provider to be plugged in. A domain is a database containing user information, which may serve
as the source of a provider's identity information. Multiple identity providers are supported, allowing
two or more identity servers to act as separate user namespaces. Collected information is available to
applications on the front-end through standard PAM and NSS interfaces.
SSSD runs as a suite of services, independent of the applications that use it. Those applications
therefore no longer need to make their own connections to remote domains, or even be aware of
which domain is being used. Robust local caching of identity and group membership information allows
operations regardless of where identity comes from (e.g., LDAP, NIS, IPA, DB, Samba, etc.), offers
improved performance, and allows authentication to be performed even when operating offline and
online authentication is unavailable. SSSD also allows the use of multiple providers of the same type
(e.g., multiple LDAP providers) and allows domain-qualified identity requests to be resolved by those
different providers. Further details can be found in the Red Hat Enterprise Linux 6 Deployment Guide.
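As an added illustration (not taken from the Red Hat guide), the following sssd.conf configures two LDAP providers as separate domains, with offline credential caching and domain-qualified names. The domain names, host names, search bases, and CA bundle path are assumed placeholder values.

```ini
# /etc/sssd/sssd.conf
# Constructed example. The file must be owned by root with mode 0600,
# otherwise sssd refuses to start.
[sssd]
config_file_version = 2
# Front-end responders: applications reach SSSD only through NSS and PAM
services = nss, pam
# Domains are queried in the order listed
domains = corp.example.com, lab.example.com

[nss]
# Never look up these local accounts through a remote provider
filter_users = root
filter_groups = root

[pam]
# Days a cached credential stays valid for offline logins (0 = no limit)
offline_credentials_expiration = 7

[domain/corp.example.com]
id_provider = ldap
auth_provider = ldap
ldap_uri = ldaps://ldap1.corp.example.com
ldap_search_base = dc=corp,dc=example,dc=com
# Reject the server unless its certificate validates against the CA bundle
ldap_tls_reqcert = demand
ldap_tls_cacert = /etc/pki/tls/certs/ca-bundle.crt
# Keep a salted hash of the password in the local cache for offline logins
cache_credentials = true
# Require the user@domain form so the two namespaces cannot collide
use_fully_qualified_names = true

[domain/lab.example.com]
id_provider = ldap
auth_provider = ldap
ldap_uri = ldaps://ldap1.lab.example.com
ldap_search_base = dc=lab,dc=example,dc=com
ldap_tls_reqcert = demand
ldap_tls_cacert = /etc/pki/tls/certs/ca-bundle.crt
cache_credentials = true
use_fully_qualified_names = true
```

With this layout, a lookup such as `getent passwd alice@lab.example.com` is answered by the second provider only, and the expiration setting bounds how long a cached credential remains usable while the LDAP servers are unreachable.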
7.3. LDAP
OpenLDAP
The configuration required for the OpenLDAP service has changed in Red Hat Enterprise Linux
6. In previous versions, slapd was configured via the /etc/openldap/slapd.conf file. The
slapd configuration in Red Hat Enterprise Linux 6 is now stored in a special LDAP directory
(/etc/openldap/slapd.d/) with a pre-defined schema and Directory Information Tree (DIT). Further
details of this configuration schema can be found at openldap.org [1]. The following section details an
example on how to convert the old configuration file to work with the new directory:
7.3.1. Converting slapd configuration
This example assumes that the file to convert from the old slapd configuration is located at
/etc/openldap/slapd.conf and the new directory for OpenLDAP configuration is located at
/etc/openldap/slapd.d/.
Remove the contents of the new /etc/openldap/slapd.d/ directory:
# rm -rf /etc/openldap/slapd.d/*
[1] http://www.openldap.org/doc/admin24/slapdconf2.html#Configuration%20Layout