LinuxQuestions.org


hkg04 02-23-2010 02:22 PM

authenticate AD users to openldap
 
I think this question has been asked by many people but I still can't seem to find the answer for it. I would like to have my Windows Active Directory users, who either log on to the domain using a desktop or Terminal Server, authenticate to an OpenLDAP server so that they can access resources on the Linux machines. I tried Microsoft's Services for Unix 3.5 but it only supports NIS or password file synchronization. I was also thinking about Kerberos cross-realm trust, but it didn't seem to me to be a single sign-on solution.

Thanks

custangro 02-23-2010 09:21 PM

Quote:

Originally Posted by hkg04 (Post 3874195)
I think this question has been asked by many people but I still can't seem to find the answer for it. I would like to have my Windows Active Directory users, who either log on to the domain using a desktop or Terminal Server, authenticate to an OpenLDAP server so that they can access resources on the Linux machines. I tried Microsoft's Services for Unix 3.5 but it only supports NIS or password file synchronization. I was also thinking about Kerberos cross-realm trust, but it didn't seem to me to be a single sign-on solution.

Thanks

What OS are you running on the Linux side? If you're using RHEL/CentOS...

http://www.linuxmail.info/active-dir...amba-centos-5/
http://www.linuxmail.info/active-dir...ingle-sign-on/

hkg04 02-23-2010 10:12 PM

It is a Red Hat-based distro. I do know winbind and SFU 3.0. But they don't authenticate domain users through OpenLDAP. I did try SFU but it only supports NIS and password file synchronization. My intention is to allow Windows users to use Linux resources while they are logged on to the domain through a thin client or remote desktop session.

custangro 02-23-2010 10:31 PM

Quote:

Originally Posted by hkg04 (Post 3874571)
It is a Red Hat-based distro. I do know winbind and SFU 3.0. But they don't authenticate domain users through OpenLDAP. I did try SFU but it only supports NIS and password file synchronization. My intention is to allow Windows users to use Linux resources while they are logged on to the domain through a thin client or remote desktop session.

You would need to set up replication between AD and OpenLDAP (RHDS or FDS/CDS)...

http://www.redhat.com/docs/manuals/d...ation_Overview

http://www.redhat.com/docs/manuals/d...onization.html



-C

hkg04 02-24-2010 09:34 AM

Although our distro is RH-based, we don't use RHDS, only OpenLDAP.


All times are GMT -5.