[TriLUG] ldap authentication from Active directory or NTDS

[Roy Vestal]

On Wed, 2004-01-14 at 13:19, Magnus Hedemark wrote:
> On Tue, 13 Jan 2004, Roy Vestal wrote:
> 
> > On Thu, 2004-01-08 at 06:23, Magnus wrote:
> [snip]
> > Gonna have to disagree with you here Chris. 
> 
> Who?

Sorry Mangus.

> That might be okay for standalone workstations, but how do you get a 
> consistent UID/GID from host to host?  That is not, by default, kept in 
> AD.  The schema must be extended to provide this, or you must provide it 
> from somewhere else.  Otherwise stuff like NFS home directories doesn't 
> work.

Works fine. I have people WITHOUT user accounts on my *nix servers
getting to the shares fine. Those with accounts can also get to their
homes fine with respect to the servers. All this and the authentication
is via AD/SAMBA.

What I can tell you is that we used SAMBA 3.0.1, KRB5-libs-1.3.1, and
OpenLDAP-2.1.23/25 (Solaris/Linux), and libiconv-1.9.1. 

Again, I'll post my SAMBA 3.x.x write up as soon as legal ok's it.