We run a couple dozen different MySQL servers for our users. These use the free/Open Source version of MySQL, not the commercial version. Managing the Account Passwords on these servers is painful.
Are there any plugins which would allow us to use LDAP to help manage the MySQL privileges? At the very least, we would like to obtain some usernames and passwords from the LDAP servers.
We are using MySQL 5.1 and 5.5. We might be willing to upgrade to MySQL 5.6 if that is required to achieve this functionality.
We would prefer that any tools be CLI based and not require a GUI or web interface.
Best Answer
Enterprise MySQL (the version you pay Oracle to license) has a PAM module that allows for LDAP authentication: https://dev.mysql.com/doc/refman/5.5/en/pam-pluggable-authentication.html
MariaDB (a binary compatible version of MySQL developed by Monty) has an open source PAM module available for it: http://kb.askmonty.org/en/pam-authentication-plugin/
I do not have hands on experience with either - I present them only as features I have heard of but not tested or used myself.