

Power Up Your Authentication with Open LDAP and Puppet - seanhandley
http://datacentred.co.uk/power-up-your-authentication-with-open-ldap-and-puppet/

======
montecarl
With this sort of authentication scheme what happens when the network
connection goes down or the LDAP server crashes? Can you no longer login? Or
can you only login to local accounts? Ideally I would like to have centralized
authentication management, but if the central server goes down to still have a
local read-only copy of the authentication data. Is something like this
possible? Or would it be easier to just sync passwd files?

~~~
doxcf434
For OS level auth, you'd want to use sssd, which will handle most failure
conditions:

[https://fedorahosted.org/sssd/](https://fedorahosted.org/sssd/)
[https://wiki.ubuntu.com/Enterprise/Authentication/sssd](https://wiki.ubuntu.com/Enterprise/Authentication/sssd)

~~~
seanhandley
It's not such a big problem on a Linux host - it's more of a problem on
network hardware.

~~~
jasonrojas
ldap & tacacs+ solves that issue

------
jasonrojas
Cached version since the site is returning a 508

[http://webcache.googleusercontent.com/search?q=cache:gyIeexA...](http://webcache.googleusercontent.com/search?q=cache:gyIeexA_vRkJ:datacentred.co.uk/power-
up-your-authentication-with-open-ldap-and-puppet/+&cd=1&hl=en&ct=clnk&gl=us)

~~~
seanhandley
Thanks for this - our company blog's currently hosted by a third party.

