RE: best authentication solution for Linux in an Active Directory environment?
2004-11-11 - By Montz, James C. (James Tower)
We've used WinBind with great success here.
Although we have not yet integrated it with Active Directory, I do know that it supports it.
-----Original Message-----
From: taroon-list-bounces@(protected)
[mailto:taroon-list-bounces@(protected)]
Sent: Thursday, November 11, 2004 11:36 AM
To: taroon-list@(protected)
Cc: Wess Neatherlin
Subject: best authentication solution for Linux in an Active Directory environment?
Hey guys and few gals,
It has been a while since I last had to do something like this but I need to integrate authentication between a bunch of linux servers (50) and our Active Directory environment. Last time I did this - long time ago - we just used pam_smb and samba would create a new local user every time a new user got authenticated. I think there are better ways out there nowadays. Here's what I've looked into:
* Pam_ldap - this is by far the cleanest solution but it would require Windows Services for Unix on the AD servers which looks like a scary thing to do and I'm not ready to jump on (Let's just say my AD structure is VERY large and moody)
* Kerberos - This would work but would still not give a user a GID/UID (as far as I know)
* Samba3 - Now this is a tricky one, it works really well but it would be overkill for my web servers (a bunch of old beat up servers)
The solution I'm coming up with right now would use NIS on the web servers and winbind/Samba3 on the back end servers and would keep NIS in sync with the winbind users, but this is turning out to look very complex, and I just keep thinking to myself that there's got to be a better way out there.
If anyone has any ideas/comments out there, let's hear it!
Btw, here's what I'm interested in:
* Single authentication with no changes to the AD infrastructure
* Not care much about UID's being consistent across boxes.
* A single GID would be nice to allow rights to be given to the "Operations" team
- raf
Rafael Ferreira
Senior Unix Administrator
University of Phoenix Online
rafael.ferreira@(protected)
(480) 557 1730
--
Taroon-list mailing list
Taroon-list@(protected)
http://www.redhat.com/mailman/listinfo/taroon-list