[Watford] MS AD and Linux

[Steven Acreman]

There's some stuff on my site :

You can do it with kerberos / ldap (or ldap / ldap if you really want) :

http://www.osiconsulting.co.uk/solutions/linuxldap.html

Or use NIS and Windows Services for Unix :

http://www.osiconsulting.co.uk/solutions/servforuindex.html

Windows Server 2003 R2 domains have the schema extensions already built in.
Previous to that you would have to extend the schema.


On 23/08/07, Alain Williams <addw at phcomp.co.uk> wrote:
>
> On Thu, Aug 23, 2007 at 09:43:01AM +0100, Mark Stewart wrote:
> > Hi Guys,
> >
> > Any experience/advice on
> > authenticatiing various Linux flavours against M$ Active Directory
> > rather than OpenLDAP appreciated.
>
> I have done it for email purposes - ie look up local email address in M$AD
> to ensure that it is valid & which exchange server to deliver to.
>
> > I gave heard
> > M$ offer Unix Services that extends the AD schema to support Linux
> account
> > authentication  but want to avoid this.
>
> Why do you want to avoid it ?
> One thing that you do need are the extra bits of Unixy stuff such as
> values for $HOME, uid, groups, ... Where do you propose to get them from
> if
> not from M$AD ? You could have parallel registration (ie both /etc/passwd
> & M$AD) but that would be a complete pain if you have more than a few
> users.
>
> --
> Alain Williams
> Linux Consultant - Mail systems, Web sites, Networking, Programmer, IT
> Lecturer.
> +44 (0) 787 668 0256  http://www.phcomp.co.uk/
> Parliament Hill Computers Ltd. Registration Information:
> http://www.phcomp.co.uk/contact.php
> Chairman of UKUUG: http://www.ukuug.org/
> #include <std_disclaimer.h>
>
> _______________________________________________
> Watford mailing list
> Watford at mailman.lug.org.uk
> https://mailman.lug.org.uk/mailman/listinfo/watford
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.lug.org.uk/pipermail/watford/attachments/20070823/e66af4f3/attachment.html