LinuxQuestions.org
LinuxAnswers - the LQ Linux tutorial section.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 01-31-2006, 03:13 AM   #1
humbletech99
Member
 
Registered: Jun 2005
Posts: 374

Rep: Reputation: 30
Ideas for best Single Sign-on solution?


Hi,
I'm currently debating migrating from an NT4 domain to an Active Directory domain or to a Samba domain. I would like ideas regarding this migration and the possibilities, or just people's opinion's and/or experiences.

I know AD is far ahead of Samba, but is it worth the money if all you're using it for is user authentication. Isn't it overcomplicated with LDAP and Kerberos?

The background: the company has around 50 people, 40 in london and 10 in another office abroad, connected via vpn. We have 40~ windows machines and 30+ linux servers plus a drizzle of macs (which aren't really important and don't need central authentication).

Will linux work ok with AD or will it be an uphill hackish struggle that will result in fragile authentication that could break at any time or have any unreliability?

Also, am I gonna get hammered for licensing if I try to connect linux clients to the AD because of CALs?


Talk to me please, people.
 
Old 01-31-2006, 08:13 AM   #2
m2acis
LQ Newbie
 
Registered: Jan 2006
Location: Latvia, Riga
Distribution: Slackware, Ubuntu
Posts: 18

Rep: Reputation: 0
I'm not pro in these things (I am going to be), but as far as I know samba can work with AD and that samba can authenticates against AD windows server, but in recent release they have progressed and are working to integrate AD completely into samba. I know that simple domain without AD support works well with samba. I recall that AD was impossibel for system i'm talknig about because we weren't able to get kerberos. There was problem with US laws about transporting cyrptographical software outside US.
 
Old 02-01-2006, 07:19 AM   #3
humbletech99
Member
 
Registered: Jun 2005
Posts: 374

Original Poster
Rep: Reputation: 30
good luck going pro, it's just about the hardest career you could have chosen now that the market is full and nobody seems to want to take anyone without several years experience and qualifications so nobody seems to be able to get into it now (I know many guys who've failed to get jobs in it here in the last few years, after 2-3 years gave up and all work in different fields now). But don't let me put you off, maybe it's just that way in UK... Latvia is probably very different.

Anyway I'm going to authenticate linux to AD, I've already done the NT4 domain authentication so I just need to do kerberos and ldap in a new test I'm running now for an AD domain.
 
Old 02-02-2006, 04:16 AM   #4
m2acis
LQ Newbie
 
Registered: Jan 2006
Location: Latvia, Riga
Distribution: Slackware, Ubuntu
Posts: 18

Rep: Reputation: 0
Tottally OFFTOPIC!

I think I'm in a good position - I already am telecomunication specialist (this is my education) and work with phone networks, but I learn IT in parallel. So I have a job already, but with posibility advance to IT departament . Computers and IT is my hobby (not to say more =). So I hope the situation you described in England won't apply to me.

Last edited by m2acis; 02-02-2006 at 04:17 AM.
 
Old 02-02-2006, 04:43 AM   #5
humbletech99
Member
 
Registered: Jun 2005
Posts: 374

Original Poster
Rep: Reputation: 30
hopefully not, if you're in a company, it will be much easier to change to IT department in that company than to get into new company. i'd recommend shifting position within your company.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Small Network and Single Sign On with different clients k.king Linux - Networking 5 10-26-2005 02:43 PM
Setting single Sign on using openLDAP kghoshal Linux - Security 1 12-07-2004 12:50 PM
need info on pam for single sign on bahadur Linux - Security 1 07-16-2004 09:01 AM
Single Sign-On help vvandam Linux - Security 6 07-21-2003 05:23 AM
AFS Config. Using single sign on fenriswolf Linux - Security 0 07-20-2001 10:09 AM


All times are GMT -5. The time now is 09:30 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration