FANDOM


Enterprise Linux Authentication, Directory and Name Services covers a broad plethora of network authentication, authorization, object and other directory store and naming services.

WORK-IN-PROGRESS

Concepts

Elementary

  • Naming Conventions
* DNS hosts and service records
* NetBIOS and SAP hosts and functionality
* LDAP and X.500 containers, common names and hierarchy
  • Principal Objects
* POSIX UID/GID
* SAM SID and Bindery objects
* LDAP and X.500 containers and distinguished names 
* Kerberos principals
  • Discovering Nodes and Services
* DNS zones of host and service records
* NetBIOS browse lists of name and suffix
* SAP service information table
  • Mapping and Authenticating Principals
* POSIX files, hash and service switching
* Pluggable authentication
* SAM store and NTLM hash
* Bindery store and hash
* Kerberos Challenge-Response
  • Locating and Publicizing Resources
* POSIX local and network resource files
* RFC/STD resource maps
* LDAP resource schema
* Proprietary directory resource schema

Advanced

  • Proprietary Authentication and Directory Schema
* RSA authentication (e.g., eDirectory, Sun One)
* ADS-LDAP SAM SID/principal synchronization services
* ADS-LDAP sub-tree import/export/replication
* ADS-Kerberos KDC, client and one-way trust
  • Remote Advertisement
* Replacing/eliminating NSLP, RTMP and WINS
  • Ticketing Principals
* Time synchronization
* Key Distribution Center (KDC)
  • Extensible Directory Schema
* Advanced RFC/STD/Draft LDAP schema
* Proprietary directory schema

Practices

Elementary

  • Discovering Nodes and Services
* Hierarchial DNS design
* DNS server records
* DNS server synchronization
* Dynamic DNS record update
* DNS proxy NetBIOS and SAP discovery
* WINS proxy NetBIOS name advertisement
  • Mapping and Authenticating Principals
* Local files and NSSwitch mapping
* LDAP principal object mapping
* SAM SID object mapping
* Local MD5 and NTLM hash authentication
* Remote MD5/SHA1 and NTLM bind authentication
* Kerberos challenge-response hash authentication
* GSSAPI/SASL client-server configuration
* PAM module configuration for principal authentication
  • Locating and Publicizing Resources
* Local resource files and NSSwitch mapping
* RFC/STD service, automounter and other resource map
* RFC/STD store in LDAP schema
* CIFS-SMB resource advertisement
* WINS proxy NetBIOS CIFS-SMB service advertisement
* CIFS-SMB store in LDAP schema

Advanced

Tasks

Ad blocker interference detected!


Wikia is a free-to-use site that makes money from advertising. We have a modified experience for viewers using ad blockers

Wikia is not accessible if you’ve made further modifications. Remove the custom ad blocker rule(s) and the page will load as expected.