LinuxQuestions.org
Go Job Hunting at the LQ Job Marketplace
Go Back   LinuxQuestions.org > Forums > Enterprise Linux Forums > Linux - Enterprise
User Name
Password
Linux - Enterprise This forum is for all items relating to using Linux in the Enterprise.

Notices

Reply
 
Search this Thread
Old 04-30-2011, 04:02 PM   #1
thund3rstruck
Member
 
Registered: Nov 2005
Location: East Coast, USA
Distribution: Fedora 18, Slackware64 13.37, Windows 7/8
Posts: 346

Rep: Reputation: 38
Single Sign-On Recommendations


Hi guys,

I'm hoping someone can make some recommendations on how to achieve Single Sign-On in a heterogeneous environment (mix of Windows, Linux, and Unix servers and workstations).

At work we use Microsoft Active Directory to achieve SSO but at home it's becoming a real struggle for me to manage users and computers. At the very least I would love the ability to create a single set of logins and have those logins function on all the Windows, Linux, and Unix workstations and Servers.

I have done some reading on OpenLDAP but all the guides I have read are fairly old. If OLdap is the way to go can anyone share a link to a recent howto which could walk me through a very simple Use-Case (a set of 5 or so users that can login to any computer in the directory)?

Thanks in advance!

PS: I'm hoping to get a response from someone who has actually done this and not a google search (I have already spent way too much time playing with random guides from google)
 
Old 04-30-2011, 07:11 PM   #2
grapeshot
LQ Newbie
 
Registered: Apr 2011
Posts: 2

Rep: Reputation: 1
Take a look at this post on FedoraForum.org. I have used this method before and it works pretty well as long as all of your Windows boxes are capable of joining a domain.
 
1 members found this post helpful.
Old 04-30-2011, 07:21 PM   #3
thund3rstruck
Member
 
Registered: Nov 2005
Location: East Coast, USA
Distribution: Fedora 18, Slackware64 13.37, Windows 7/8
Posts: 346

Original Poster
Rep: Reputation: 38
Quote:
Originally Posted by grapeshot View Post
Take a look at this post on FedoraForum.org. I have used this method before and it works pretty well as long as all of your Windows boxes are capable of joining a domain.
Holy cow, WOW! Thanks so much for that share; it's just what I was hoping for!

...And yea, all the Windows seats are Professional, Enterprise, or Ultimate so they can all join a domain.
 
Old 05-01-2011, 07:22 AM   #4
bmullan
LQ Newbie
 
Registered: Feb 2007
Posts: 8

Rep: Reputation: 4
single sign-on recommendations

I know Samba4 is listed as alpha but ... its the 15th alpha <g>. Its still scheduled to be released in 2011 according to the project timeline.

Watch the Samba4 Video's ... it only takes about 15 minutes but will easily demo how a Linux Samba4 server can become the PDC for a Windows Domain.

as I'm typing this the Samba.org wiki is offline but the URL to the SAMBA4 Video's is:

Joining Windows 7 to a Samba domain

I've found that there are quite a few organizations using it in production with good success.

Along that line I found out about an open source Resara.org that has taken Samba4 and done quite a bit of integration & menuing work to provide a nice Samba4 Admin Console.

You can download the source but they also other choices including:
pre-packaged binaries
pre-packages VMs (vmware or virtualbox)
an Ubuntu PPA for Resara and Ubuntu 10.04 LTS.

Installing is simple and so is configuration.

You might want to give that a try and see if it will work for you.
 
Old 05-01-2011, 08:59 AM   #5
thund3rstruck
Member
 
Registered: Nov 2005
Location: East Coast, USA
Distribution: Fedora 18, Slackware64 13.37, Windows 7/8
Posts: 346

Original Poster
Rep: Reputation: 38
It looks like Samba has really come a long way since the last time I investigated using it for single sign-on. Back then it was barely competitive with NTv4 workgroups. I guess I just assumed that since Active Directory is based on the LDAP X.500 specification that OpenLDAP would be the appropriate (free) alternative.

I just need to make sure that ultimately I will be able to log into all my Linux and Windows machines with the same sets of credentials without having to create each user account on every single machine in the house and if I disable/lock/reset any account at the DC that the change is replicated down to all the clients automatically.

Thanks again guys! Hopefully I will have some spare time to dig into this soon!
 
Old 05-02-2011, 09:24 AM   #6
slouching
LQ Newbie
 
Registered: Jan 2010
Posts: 3

Rep: Reputation: 3
You may want to have a look at this tool from Centrify. They have "express" version free of charge, and seems perfect for small implementations. http://www.centrify.com/express/free...asp?r=menu-nav
 
  


Reply

Tags
openldap


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
single sign on yasir453 Linux - Server 7 05-15-2010 11:46 AM
Single Sign On for linux thanhdat Linux - Server 4 07-22-2009 04:14 AM
NIS or ??? for single sign on w/ AD DotHQ Linux - General 2 12-20-2006 04:01 PM
Single Sign-on Solution sunhui Linux - Software 1 07-14-2006 10:46 PM
Single Sign-On help vvandam Linux - Security 6 07-21-2003 05:23 AM


All times are GMT -5. The time now is 08:41 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration