LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 02-01-2006, 11:32 AM   #1
Fillys6
Member
 
Registered: Mar 2005
Posts: 31

Rep: Reputation: 15
Best/simplist way to authenticate with active directory? WSFU, WINBIND, or ??


I have done quite a bit of reading on this and can't really decide which would be better suited for my needs (WSFU, WINBIND, or ???). Here is the general scenario:

I have a Windows domain with 5 Windows servers and 1 RHEL3 server and approx 50 users. Managing passwords and user names gets a little frustrating because they are in 3 different places (the Windows login ID, the Linux login ID, and the Samba users). I would like to use my Windows Domain Controller as the authentication endpoint for everything using its Active Directory.

The Windows user ID's (ex: jsmith) are different than the Linux user ID's (ex: F0102011) so I must be able to map them to one another (jsmith = F0102011). I cannot make these the same because the program we use on the Linux box requires this type of user ID scheme. I also want my samba share permissions to come from AD as well. Ideally, when jsmith logs into his Windows XP machine and clicks the button to change his password, I would like it to change the password on his F0102011 ID too so that things stay consistent.

I have installed WSFU (Windows Services for UNIX 3.5) on my PDC but haven't done anything on the Linux side until I am sure this is the route I should go. I read a little bit on WINBIND but am confused on which of these would work better for me. Can someone give me a GENERAL description of the two? There is a lot of documentation out there but it is very detailed and complex. A general description would help along with any suggestions on which route to take.

Thanks!!

Last edited by Fillys6; 02-01-2006 at 11:41 AM.
 
Old 02-02-2006, 09:28 PM   #2
paul_mat
Member
 
Registered: Nov 2004
Location: Townsville, Australia
Distribution: Fedora Core 5, CentOS 4, RHEL 4
Posts: 855

Rep: Reputation: 30
well you have another choice as well, you can authenicate against LDAP, MS Active directory is basically a LDAP server.

on my website i have several how-to's you might want to look at to get some idea's.

http://www.yourhowto.org/content/view/34/9/ - Linux client to authenticate against ADS via pam & LDAP

http://www.geocities.com/evilperson85/serversetup/ - join windows to a windows domain script.

http://www.yourhowto.org/content/view/31/9/ - Authentication against Active Directories using winbind for pop3

the only thing i'm not sure about, is what pam module you would need to edit. for logining into the machine i think it's the /etc/pam.d/login

and i *think* if u edit the /etc/pam.d/samba module to get authenication against either LDAP of winbind
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
apache authenticate to Active Directory zuessh Linux - Software 1 07-08-2005 03:29 PM
Linux box Authenticate against Active Directory tulip4heaven Linux - Networking 2 05-31-2005 12:31 AM
Samba 3.0.4 with winbind and active directory upgrade problem jhibbets Red Hat 0 08-16-2004 11:24 AM
Authenticate to 2k3 PDC with winbind VertigoRay Linux - Software 0 09-27-2003 12:23 PM
Opinion, does samba+winbind work well with windows 2000+active directory? tisource Linux - Networking 5 02-23-2003 01:34 AM


All times are GMT -5. The time now is 11:38 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration