[TriLUG] ldap authentication from Active directory or NTDS
rvestal at trilug.org
Sun Jan 18 22:49:36 EST 2004
Nope. It makes Windows boxes connect to *nix machines, but doesn't make it
easier, IMHO, for Windows boxes to connect to *nix boxes. Samba seems best
----- Original Message -----
From: "Turnpike Man" <turnpike420 at yahoo.com>
To: "Triangle Linux Users Group discussion list" <trilug at trilug.org>
Sent: Thursday, January 15, 2004 9:31 AM
Subject: Re: [TriLUG] ldap authentication from Active directory or NTDS
> I'm impressed. Does this make what Roy was doing unnecessary hard work?
> would seem so. If anyone publishes the notes they took, I'm excited to
> them! I'll add it to my www.turnpike420.net/linux2/ area where I save
> everything I have learned!
> David M.
> --- Magnus Hedemark <chrish at trilug.org> wrote:
> > This gives you a snap-in to MMC that just adds another tab to your user
> > management window. So you can assign a UID to the user, home directory,
> > etc. just like any other *NIX system. User KerberosV for password
> > authentication (which already works while making NO changes to your
> > Windows systems and simply running authconfig on a Red Hat Linux
> > You also can assign GID's to AD groups.
> > Note that the MS KerberosV implementation is b0rked in that there is no
> > admin server, so you can't change your password from Linux without some
> > sort of extra provisions.
> > With MS SFU installed on your AD server you can use NIS for user
> > (which has some security risks... a lot less than pure NIS since SFU
> > publishing password hashes through NIS but it is still exposing a list
> > user accounts and group memberships). You can connect to AD via LDAP
> > better security but its quite a bit more work.
> > SFU comes with an NFS server so you can share Windows home directories
> > Linux users via NFS. I'm skipping this option and instead building an
> > server for security reasons.
> > --
> > TriLUG mailing list :
> > TriLUG Organizational FAQ : http://trilug.org/faq/
> > TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
> > TriLUG PGP Keyring : http://trilug.org/~chrish/trilug.asc
> Do you Yahoo!?
> Yahoo! Hotjobs: Enter the "Signing Bonus" Sweepstakes
> TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug
> TriLUG Organizational FAQ : http://trilug.org/faq/
> TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
> TriLUG PGP Keyring : http://trilug.org/~chrish/trilug.asc
More information about the TriLUG