+1 for freeipa. It is an extremely well integrated domain controller with
functionality similar to Microsoft Active Directory.
I would highly recommend setting up an AWS Virtual Private Cloud or
something similar and practicing deploying freeipa a few times with a few
clients. It takes some understanding of the caveats and implementation
before you will be able to deploy it successfully in a production
environment.
Good Luck!
On 24 February 2015 at 01:40, Jitse Klomp <jitseklomp at gmail.com> wrote:
> On 02/24/2015 01:15 AM, Gordon Messmer wrote:
>
>> On 02/23/2015 08:22 AM, Niki Kovacs wrote:
>>
>>> 1. Users should be manageable through a GUI, probably a web interface,
>>> so the client can create, manage and delete them eventually.
>>>
>>
>> FreeIPA is a good option, generally. As best I understand it, it's
>> currently available in a Docker container for CentOS.
>> http://seven.centos.org/2014/12/freeipa-4-1-2-and-centos/
>>
>> I haven't heard about more standard packaging, but that might come along
>> later...
>>
> ipa-server is available from the base repos in both EL6 (v3.0) and EL7
> (v3.3). RHEL7.1 beta ships with version 4.1. EL6 clients are fully
> compatible with EL7 servers and vice versa.
>
>>> 2. Home directories should be created/deleted automagically under the
>>> hood.
>>>
>> You can use pam_mkhomedir to create them, but archiving or deleting home
>> directories would be a manual process.
>>
> You should use pam_oddjob_mkhomedir for that, it requires fewer privileges
> and integrates nicely with SELinux.
>
>>> 3. Every user should be able to login on any machines and find his or
>>> her files and preferences.
>>>
>> You can continue using NFS for that.
>>
> FreeIPA also supports automount/autofs.
>
> You should check out the FreeIPA demo (v4.1):
> http://www.freeipa.org/page/Demo
>
>
> - Jitse