ELDomDir

Enterprise Linux Authentication, Directory and Name Services covers a broad plethora of network authentication, authorization, object and other directory store and naming services.

WORK-IN-PROGRESS

= Concepts =

Elementary
* DNS hosts and service records * NetBIOS and SAP hosts and functionality * LDAP and X.500 containers, common names and hierarchy
 * Naming Conventions

* POSIX UID/GID * SAM SID and Bindery objects * LDAP and X.500 containers and distinguished names * Kerberos principals
 * Principal Objects

* DNS zones of host and service records * NetBIOS browse lists of name and suffix * SAP service information table
 * Discovering Nodes and Services

* POSIX files, hash and service switching * Pluggable authentication * SAM store and NTLM hash * Bindery store and hash * Kerberos Challenge-Response
 * Mapping and Authenticating Principals

* POSIX local and network resource files * RFC/STD resource maps * LDAP resource schema * Proprietary directory resource schema
 * Locating and Publicizing Resources

Advanced
* RSA authentication (e.g., eDirectory, Sun One) * ADS-LDAP SAM SID/principal synchronization services * ADS-LDAP sub-tree import/export/replication * ADS-Kerberos KDC, client and one-way trust * Replacing/eliminating NSLP, RTMP and WINS * Time synchronization * Key Distribution Center (KDC) * Advanced RFC/STD/Draft LDAP schema * Proprietary directory schema
 * Proprietary Authentication and Directory Schema
 * Remote Advertisement
 * Ticketing Principals
 * Extensible Directory Schema

= Practices =

Elementary
* Hierarchial DNS design * DNS server records * DNS server synchronization * Dynamic DNS record update * DNS proxy NetBIOS and SAP discovery * WINS proxy NetBIOS name advertisement
 * Discovering Nodes and Services

* Local files and NSSwitch mapping * LDAP principal object mapping * SAM SID object mapping * Local MD5 and NTLM hash authentication * Remote MD5/SHA1 and NTLM bind authentication * Kerberos challenge-response hash authentication * GSSAPI/SASL client-server configuration * PAM module configuration for principal authentication
 * Mapping and Authenticating Principals

* Local resource files and NSSwitch mapping * RFC/STD service, automounter and other resource map * RFC/STD store in LDAP schema * CIFS-SMB resource advertisement * WINS proxy NetBIOS CIFS-SMB service advertisement * CIFS-SMB store in LDAP schema
 * Locating and Publicizing Resources

Advanced
= Tasks =