Tuesday, May 27, 2008

Once more unto the breach

I'm fighting with centralized authentication again.

I haven't finally decided whether I'm going to do a half-hearted attempt at reliably authenticating Linux against Active Directory or against OpenLDAP (or one of any number of other LDAP servers that people seem to hurl as suggestions). I suspect my problem hasn't been server-software related. More likely a disconnect in my mental process that allows me to fathom the method of interrelation between how a password stored in a directory server enables an account in Linux to log in. Where are the user's data files stored? How is that mapped to the account?

I'm sure that once I grasp this, I'll realize that it's more than just two pieces of software. I'm sure it will be an array of software all working together smoothly when properly configured.

It almost reminds me of my disconnect years ago when learning subnetting. I read, and read, and did the math, and I couldn't get it. I could do the math, I could understand how subnetting worked, but for weeks it eluded my efforts to master it. Something was disconnected in my brain.

On the way to my very first Cisco class, it clicked. What I was missing was not HOW to subnet. I had mastered that. I was missing the WHY of subnetting. The fracturing of whole networks into smaller, and the conglomeration of multiple networks for routing, all finally locked firmly into place. In the span of about 3 seconds, I went from not being able to subnet to being able to teach others.

I'm hoping at some point that I "get" this, or that someone utters the magic words that make me snap out of the rut I'm in, so that I can put this behind me like so many other skills that I have wrestled with.