Marthinus wrote:
> We have a Windows Small Business Server 2003 which our windows
> workstations authenticate against.
>
> I would like to configure our Red Hat Servers to also authenticate the
> users against the Small Business Server domain using their domain logons.
>
> I was thinking about using LDAP to retrieve the user's information and
> Kerberos for the user authentication since it seems to be better suited
> than LDAP for authentication.
>
> I have tried to set it up on a test machine but have failed to get it
> working.
>
> Which of these would be the best for retrieving the user information?
> LDAP, Winbind
>
> Which of these would be the best for the user authentication?
> Kerberos, LDAP, SMB, Winbind
>
> What would the configuration files look like or what entries should I
> check for?
>
> Any help on this will be appreciated as I have very little experience
> regarding shared logons.
>
> Thanks in advance.
>  
Try one at a time.

for example, try kerberos first. tweak your /etc/krb5.conf file to point
to the AD/SBS as the KDC and see if you can "kinit user@(protected)
run "klist" to see if you got tickets.

You may need to check the box for DES encryption for user in Active
Directory.

I recommend "Kerberos: The definitive guide" from O'reilly. It talks
about having unix talk to windows using kerberos and vice versa.

You might also try the kerberos mailing list at
https://mailman.mit.edu/mailman/listinfo/kerberos

Sincerely,
Jason

_______________________________________________
rhelv5-list mailing list
rhelv5-list@(protected)
https://www.redhat.com/mailman/listinfo/rhelv5-list