Central authentication on Mac OS X

1

1

I have a few Macs standing around and would like to administer their users (my kids, wife and occasional guests) in one place. The closest thing to a server (always on) I have here is an OpenWrt router.

Is this doable at all? What protocols would such a server have to offer?

Jan

Posted 2011-04-03T11:10:03.433

Reputation: 135

Answers

2

The easiest way is to use MacOS Server, which is too expensive at the moment, but might come for free with MacOS 10.7 "Lion". The only other option to do this with MacOS clients that might be doable for non-experts is a connection to a Windows Server via the Active Directory plugin, but this requires a Windows server, which is also expensive.

It should be possible to install an LDAP server on an OpenWRT router, but getting this to run well with MacOS clients is extremely involved and requires quite a lot of knowledge regarding MacOS's inner workings.

NIS might work as well, but I guess this will suffer from all the same drawbacks that make a working LDAP solution so hard to achieve.

Sven

Posted 2011-04-03T11:10:03.433

Reputation: 1 591

1

There are two separate services you need to set up:

  1. User directory – a central location where the user account information (uid, shell, homedir) could be looked up.

    • Hesiod is ancient, but works. All it needs is DNS. It's very easy to set up on Linux/glibc; no idea about OS X.

    • LDAP is very common, but can be hard to set up.

    • NIS/YP – I don't know much about this, but apparently it is commonly used.

  2. Authentication – a centralized service to verify the user's password.

    • Kerberos – probably the best choice (although at first it might seem complicated). OS X even uses this internally, and so does Windows Active Directory.

      (...but when choosing a KDC, choose carefully. I haven't yet found a way to convert between MIT Kerberos database and Heimdal's.)

user1686

Posted 2011-04-03T11:10:03.433

Reputation: 283 655
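
The split described in the answer above (directory data in one service, password verification in another) matters most for Hesiod, because its records sit in DNS where any client can read them and so should carry no credential material. The following is an added example, not part of the original answer: it checks Hesiod passwd TXT strings (passwd(5) layout) before they are published. The domain suffix, account names and hash string are constructed for illustration.

```python
# Added example: audit Hesiod "passwd" TXT strings before publishing them in DNS.
# Layout is the passwd(5) line: name:passwd:uid:gid:gecos:home:shell
# All names, domains and values below are constructed for illustration.

PLACEHOLDERS = {"*", "x", "!"}  # values that carry no credential material

def parse_hesiod_passwd(txt):
    """Split one Hesiod passwd TXT string into a dict; raise ValueError if malformed."""
    fields = txt.split(":")
    if len(fields) != 7:
        raise ValueError(f"expected 7 colon-separated fields, got {len(fields)}")
    name, passwd, uid, gid, gecos, home, shell = fields
    if not name or not uid.isdigit() or not gid.isdigit():
        raise ValueError("name must be non-empty and uid/gid numeric")
    return {"name": name, "passwd": passwd, "uid": int(uid), "gid": int(gid),
            "gecos": gecos, "home": home, "shell": shell}

def audit(records):
    """Return (dns_name, finding) tuples for a {dns_name: txt} mapping."""
    findings, seen_uids = [], {}
    for dns_name, txt in records.items():
        try:
            rec = parse_hesiod_passwd(txt)
        except ValueError as exc:
            findings.append((dns_name, f"malformed: {exc}"))
            continue
        if rec["passwd"] not in PLACEHOLDERS:
            findings.append((dns_name, "password field is not a placeholder"))
        if rec["uid"] == 0:
            findings.append((dns_name, "uid 0 served from the directory"))
        if dns_name.split(".")[0] != rec["name"]:
            findings.append((dns_name, "DNS label does not match account name"))
        if rec["uid"] in seen_uids:
            findings.append((dns_name, f"uid already used by {seen_uids[rec['uid']]}"))
        seen_uids.setdefault(rec["uid"], dns_name)
    return findings

# Constructed sample data; the ".ns.home.example" suffix is an assumption.
SAMPLE = {
    "jan.passwd.ns.home.example": "jan:*:1001:100:Jan:/Users/jan:/bin/bash",
    "guest.passwd.ns.home.example":
        "guest:$1$abcdefgh$CONSTRUCTEDHASH:1002:100:Guest:/Users/guest:/bin/bash",
    "kid.passwd.ns.home.example": "kid:*:1001:100:Kid:/Users/kid:/bin/bash",
    "bad.passwd.ns.home.example": "bad:*:notanumber:100::/Users/bad",
}

if __name__ == "__main__":
    for name, finding in audit(SAMPLE):
        print(f"{name}: {finding}")
```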

0

I'm not an expert in this, but I think you need a Kerberos server on OpenWrt.

Troydm

Posted 2011-04-03T11:10:03.433

Reputation: 125