Right now I am on vacation, as my last post may indicate. It is beautiful here, the beaches are nice, and the fresh air is a much welcomed diversion. However, I still think about random projects and things, and hence I take a few minutes here and there to right them down or even make up a neat little blog post.
The subject of this post is something I have kicked around for a little while, but have recently resolved to try to take on. Basically, the situation is this: if you haven’t figured it out, I am a GNU/Linux user (though I do use OpenBSD and occasionally FreeBSD for some things as well). At home I have a few different machines that run Linux, including a small server, a desktop, and a laptop. There are several others as well, but these are the ones I use mainly. The thing is, I would love an easy way to manage users and permissions across them. Basically, I’m thinking of something similar to a domain, like you might see in a Microsoft-based network.
Now, yes, of course you can join *nix machines to a Windows domain (or have one be a domain controller via Samba). I don’t really have any Windows machines, though, nor do I want to buy/pirate a server version of Windows. I could also use Kerberos and LDAP, and in fact I do use them. They work well for me for the most part, but I said in the last paragraph that I wanted an easy way to admin the network. If you follow one of the various online tutorials about getting the two going the process of setting this up isn’t actually that bad, but adding and removing users can be a bit of a pain. I mean, it’s not really complicated, but you’d need to add the user to Kerberos, then to LDAP. Then I guess you can use an LDAP browser to manage the rest. But, it seemed to me like there should be some sort of GUI tool that would manage both, IE let you create a user and add them to some networked groups and whatnot. I was thinking of the name while considering a networked version on Ubuntu’s user and groups tool, hence the name. (In other words, it wouldn’t have to be Ubuntu-specific by any means.)
Now, yes, there are other projects that aim to accomplish this kind of thing, like FreeIPA. And I won’t lie, that one looks pretty neat. But it just seemed to me that just having a frontend to take care of some basic user/group stuff would help out a lot. Especially if you already have a Kerberos/LDAP setup. So, at some point in the future I am going to see what I can do with my idea, and maybe whip something up in Python and GTK. I can’t make any guarantees right now, nor say when I will get to working on it, but we shall see.
As a final disclaimer, I am not what you would call an “IT professional”. I program, and I’ve done quite a bit of work with *nix and networking, but this isn’t my normal gig. I haven’t extensively used Active Directory, and so I’m not trying to clone it. I just want an easier way to manage some users across my home networks (for a couple friends, the cats, etc.), but to have the option of still getting at the guts if I want. Hell, maybe the best way to go about this is just a nice shell script anyway.