LDAP Authentication (related to Re: XEN - unbind/bind a PCI device)

[Mark Komarinski]

On 09/25/2007 10:51 AM, Thomas Charron wrote:
>   You just made me REALLY want to look at Xen again.  :-D
>
>   
Tying multiple recent threads together at once:

I have a friend who has Comcast Business and has a block of 5 IP 
addresses.  His agreement with me was he'd pay for the service and 
hardware, I maintain it.  To do that, I set up Xen on two of his systems 
with the disks using md, backed the Xen disks with drbd, and now have 
three distinct sites running off once box that will fail over in the 
event of hardware failure.  For those of you that have not seen it, drbd 
replicates block devices over a network.  Think RAID 1 over a network.  
I'm using it at $DAY_JOB for MySQL failover.

This leads me to my subject.  We want to have distinct systems, but have 
a common authentication mechanism.  I'm thinking of doing it with LDAP, 
but all the account management utilities out there seem to suck.  I 
don't want to play with LDIF files, but I want something that eases my 
mind a bit more than shuffling /etc/passwd and the like files between 
systems.

So I guess the question is: are you doing LDAP authentication on any of 
your networks, and if so, how are you managing it?  Or are there any 
alternate authentication schemes I should be looking at?

-Mark