[TriLUG] LDAP vs AD vs NT domains vs eDirectory vs RHELdirectoryserver

David McDowell turnpike420 at gmail.com
Mon Dec 11 11:31:11 EST 2006 

openLDAP + kerberos... TriLUG cluster info:

http://www.trilug.org/pipermail/trilug/Week-of-Mon-20061030/045026.html



On 12/11/06, OlsonE at aosa.army.mil <OlsonE at aosa.army.mil> wrote:
> I'd definitely look into OpenLDAP then. At a previous company, we were
> using that in OSX ...and it worked great.
>
>
> -----Original Message-----
> From: trilug-bounces at trilug.org [mailto:trilug-bounces at trilug.org] On
> Behalf Of Chris Bullock
> Sent: Monday, December 11, 2006 9:41 AM
> To: Triangle Linux Users Group discussion list
> Subject: Re: [TriLUG] LDAP vs AD vs NT domains vs eDirectory vs
> RHELdirectoryserver
>
> I guess I should have mentioned that MS is not an option. $$$ We also
> have/had an Samba domain, it works, but is not elegant at all. This was
> a "hurry up we have 24 hours to get this office up and running"
> situation.  I really don't like the double duty you have to do to have
> unix and smb users, plus the machine accounts don't seem to always work.
> This is my fault but we did not map the "admin" account correctly so
> there are no "domain admins" for that domain, you have to log in locally
> to do any admin stuff.
>
> Hope that adds a little to the feed back I get.
>
> ----- Original Message ----
> From: David McDowell <turnpike420 at gmail.com>
> To: Triangle Linux Users Group discussion list <trilug at trilug.org>
> Sent: Monday, December 11, 2006 9:26:39 AM
> Subject: Re: [TriLUG] LDAP vs AD vs NT domains vs eDirectory vs RHEL
> directoryserver
>
> Also, FYI, w2k3 R2 also has some additional features that work well with
> *nix environments as I understand it.  We don't have the R2 release
> here, but if you are buying today, that's what you get.  Even without
> that we are doing AD auth with our Apache web apps and have just
> completed doing kerberos auth and setting up IE on our clients for
> auto-login to the secured websites based on desktop login information
> and it's working great (adding the allowed website to the Intranet zone
> and installing the ssl cert so the user doesn't have to type usr/pwd to
> login to the web app).  Believe it or not, with Services for Unix
> installed on one of our  w2k3 servers, we are also using it as our NFS
> install point over the network using the ISO files and we are now
> mirroring NCSU's CentOS repo for yum updates.
>
>
>
> Now that a couple of us have pimped Microsoft on a linux list... Don't
> forget that Samba may or may not also be an alternative you had not
> mentioned.  I'd love to know that openLDAP or RHEL Directory server
> could meet all your needs, but for us with tons of winXP clients, AD is
> the best and we just make all this other stuff work as we can for the
> Linux servers.
>
> best of luck,
> David
>
>
> On 12/11/06, OlsonE at aosa.army.mil <OlsonE at aosa.army.mil> wrote:
> > well, if you were intending on staying with a windows machine for some
>
> > form of services, i'd highly recommend you migrate nt4 to windows
> 2003.
> > the path is fairly easy, and upgrade is minimal (depending on what nt4
>
> > services you were running). this would also preserve your clients, and
>
> > user names and passwords. if you're really not concerned about this,
> > then put in a win2k3 domain controller.
> >
> > if you have any specific questions about nt4 > win2k3, you can contact
>
> > me off list if you like (or on list even). i rolled out a large scale
> > nt4 > win2k3 migration for the government (with 3 remote sites).
> >
> > user management is definitely a lot easier in win2k3 ad... and ad
> > gives you quite a few things you can do with your windows clients.
> > i've heard of people migrating off nt4 and using their linux server as
>
> > a "domain controller" so to speak ...but i personally haven't tried it
>
> > in production.
> >
> > -----Original Message-----
> > From: trilug-bounces at trilug.org [mailto:trilug-bounces at trilug.org] On
> > Behalf Of Chris Bullock
> > Sent: Monday, December 11, 2006 8:55 AM
> > To: trilug trilug
> > Subject: [TriLUG] LDAP vs AD vs NT domains vs eDirectory vs RHEL
> > directoryserver
> >
> > We have an old dying NT4 domain that we currently use only for user
> > authentication to gain access to network services.  We are long
> > overdue for an overhaul and I am looking for advice on which direction
> to go.
> > As I mentioned before currently we are using the NT4 domain for user
> > and Windows client authentication, our overall goal will be that all
> > mail
> > (postfix,) linux systems and users, and other possible MS apps be able
>
> > to authenticate against this.
> > Here are my questions:
> > 1.  What could be a drop in replacement for our current NT4 domain?
> > 2.  What will give us AD type authentication/access and how easy or
> > difficult will it be to set up, ie is there anything as easy as the
> > click and add feature available in AD?
> >
> >
> >
> >
> > __________________________________________________
> > Do You Yahoo!?
> > Tired of spam?  Yahoo! Mail has the best spam protection around
> > http://mail.yahoo.com
> > --
> > TriLUG mailing list        :
> > http://www.trilug.org/mailman/listinfo/trilug
> > TriLUG Organizational FAQ  : http://trilug.org/faq/ TriLUG Member
> > Services FAQ : http://members.trilug.org/services_faq/
> > --
> > TriLUG mailing list        :
> http://www.trilug.org/mailman/listinfo/trilug
> > TriLUG Organizational FAQ  : http://trilug.org/faq/ TriLUG Member
> > Services FAQ : http://members.trilug.org/services_faq/
> >
> --
> TriLUG mailing list        :
> http://www.trilug.org/mailman/listinfo/trilug
> TriLUG Organizational FAQ  : http://trilug.org/faq/ TriLUG Member
> Services FAQ : http://members.trilug.org/services_faq/
>
>
>
>
>
>
> ________________________________________________________________________
> ____________
> Want to start your own business?
> Learn how on Yahoo! Small Business.
> http://smallbusiness.yahoo.com/r-index
> --
> TriLUG mailing list        :
> http://www.trilug.org/mailman/listinfo/trilug
> TriLUG Organizational FAQ  : http://trilug.org/faq/ TriLUG Member
> Services FAQ : http://members.trilug.org/services_faq/
> --
> TriLUG mailing list        : http://www.trilug.org/mailman/listinfo/trilug
> TriLUG Organizational FAQ  : http://trilug.org/faq/
> TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
>

More information about the TriLUG mailing list