Hi. Does anyone here understand CAS?

I've taken over server administration at my work, and we host several websites in a network for one of our clients, and they use CAS to provide a Single Sign On to all the sites in their network. However, this was all set up before I came on, and I'm scared to death to touch it. Mostly because whenever I do I start reading the documentation and it's huge.

Here's what I understand:
- CAS is primarily a Java module of the Tomcat Web Server
- It can be accessed in many ways (we use phpCAS). I'm pretty familiar with how to get my website to use CAS. That's easy.

Here's what I have no clue about:
- How to manage the users in CAS. I'm totally lost on this.

Apparently the guy before me set it up to use LDAP. Supposedly the LDAP was set up using the users from our mail server. So if I need to add a new user to CAS, do I just add them as a user to the mail server? What if I want to remove a user from LDAP? And how do I limit who goes into LDAP? We have a ton of clients and only the users from this one client need to be in that database. Right now, I'm actually able to log into the network using login credentials from a different client. Weird, huh?

Does anyone have a clue on this? Sorry for how crazy I sound right now...
I've found these instructions in the documentation our former server admin left behind:

Steps to recreate LDAP database:

    ldapsearch -LLL -x "uid=*" dn|grep dn|cut -d" " -f2 > /root/delete.ldap
    ldapdelete -x -D "uid=admin,dc=tqinet,dc=com" -w H0t1barb < delete.ldap
    cd /root/MigrationTools
    ./migrate_passwd.pl /etc/passwd /root/password.ldif
    ldapadd -x -D "uid=admin,dc=tqinet,dc=com" -W -f /root/users.ldif
    rm /root/password.ldif
    rm /root/delete.ldap

I think this is pretty straightforward. It clears the existing database and then tries to set it back up again. But it creates a password.ldif file and then uses a users.ldif file. Where did users.ldif come from? When is password.ldif used? Could this just be a typo?

Thanks in advance. Thank you very much.