Linux and Microsoft AD
Does anyone know if there is a way to sync user accounts like AD and NDS do?
I was hoping to have 1 AD logon account and access Linux files, much the same way an NT user logs on and accesses Novell files.

Auth back to the AD server...
See the 'password server =' parameter in smb.conf.
See man smb.conf for more info.

You can also have a look at pam_ldap from www.padl.com and see if it supports MSAD as well.

These commands should work:

    security = domain
    password server = xxxxx

The first line tells Samba that a domain controller will authenticate users. The second line tells Samba which machine is the domain controller. I have them working on NT 4.0. Should work on Windows 2000.

Note that the users need to exist in the passwd file on the Linux server. There is a way to let Samba add the users once they have been authenticated by the domain controller.

    add user script = useradd %u -c "Account from PDC" -s /bin/false \
        -d /home/%u -m -n -g accounts

Modify the script to fit your distro. Basically it says:

add a user to the Linux machine
    useradd %u -c "Account from PDC"
don't allow him to logon locally
    -s /bin/false \
create a home directory under /home using the user name
    -d /home/%u -m -n
add them to the accounts group
    -g accounts

Do me a favour. Set up a Windows machine that is configured as a peer. That is, the user won't log into the domain. Try and get access to the Linux machine. See if it creates an account. I haven't had a chance to test this. I want to be sure that users will only be created if authenticated by the domain controller.
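
Added example (not part of the thread): smbd runs the add user script as root with %u expanded to the account name from the session, so a small wrapper can check that name before useradd sees it. The path /usr/local/sbin/smb-adduser, the 32-character limit and the allowed character set are assumptions to adjust for your site.

```shell
#!/bin/sh
# Added example: hypothetical wrapper, installed e.g. as /usr/local/sbin/smb-adduser
# and referenced from smb.conf as:
#   add user script = /usr/local/sbin/smb-adduser %u
LC_ALL=C; export LC_ALL   # make the a-z ranges below mean ASCII only
GROUP=accounts            # group name taken from the post
MAXLEN=32                 # assumed upper bound on account-name length

# Return 0 only for names that are safe to hand to useradd.
valid_username() {
    name=$1
    [ -n "$name" ] || return 1
    [ "${#name}" -le "$MAXLEN" ] || return 1
    case $name in
        -*) return 1 ;;               # would be parsed as a useradd option
        *[!a-z0-9_.-]*) return 1 ;;   # assumed policy: conservative character set
        [!a-z_]*) return 1 ;;         # must start with a letter or underscore
    esac
    return 0
}

# Return 0 if the account already exists locally; it is then left untouched.
account_exists() {
    getent passwd "$1" >/dev/null 2>&1
}

main() {
    user=$1
    if ! valid_username "$user"; then
        logger -t smb-adduser "rejected account name passed by smbd"
        return 1
    fi
    if account_exists "$user"; then
        logger -t smb-adduser "account $user already exists, not modifying it"
        return 1
    fi
    # Same intent as the post: no local shell, home under /home, accounts group.
    # Distro-specific flags such as -n are omitted; add them as needed.
    useradd -c "Account from PDC" -s /bin/false -d "/home/$user" -m -g "$GROUP" "$user"
}

# Only act when called with an argument, as smbd does with %u.
if [ "$#" -gt 0 ]; then
    main "$@"
fi
```

Rejections go to syslog under the smb-adduser tag, which gives a record to compare against the domain controller's logon events.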