LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Server (http://www.linuxquestions.org/questions/linux-server-73/)
-   -   Linux server authentication with Active Directory (http://www.linuxquestions.org/questions/linux-server-73/linux-server-authentication-with-active-directory-810926/)

capricorn80 05-29-2010 10:42 AM

Linux server authentication with Active Directory
 
Hi!

Its very command question that how we can have linux servers authentication with active directory but i just to add few things with it.
In my case we own the OU and dont have rights to main domain. I dont know it does matter or not. All i want is that all user can use their active directory login/password to login to linux servers in our O.U.
Please recommend me some doc/site.

Regards,

ComputerErik 05-29-2010 11:38 AM

I have had good results from Likewise and Centrify.

It is also possible to do without the specific packages by using Samba, Winbind, and Kerberos. While I have been able to get this to work it has been more hit or miss, and involves a fair bit more work.

No matter what though you will need an account with permissions to join the Linux machines to the domain, and make sure they get into the proper OU.

capricorn80 05-29-2010 11:53 AM

Hi!

Yes i have account that can add computer to the domain.

I guess these packages are commercial. I will prefer to go with some open source stuff.

Regards,

ComputerErik 05-29-2010 12:25 PM

Quote:

Originally Posted by capricorn80 (Post 3985466)
Hi!

Yes i have account that can add computer to the domain.

I guess these packages are commercial. I will prefer to go with some open source stuff.

Regards,

Likewise has an opensource option which has some limitations, but will do basic authentication just fine.

capricorn80 05-29-2010 01:19 PM

Thanks ComputerErik.

Is it possible to have one authentication server in linux and than open a trust with active directory? Just a thought.

Regards,

ComputerErik 05-29-2010 04:40 PM

Anything is possible, it is just a matter if how much time, money and effort you want to put into developing and maintaining a system. I have seen a case where the solution was to use a custom written password change tool that then search all directories (Windows, LDAP, NIS, etc.) in an organization, search for an existing user account, and update passwords. So each OS was able to work in a native mode, but you still only had a single username/password.

I think the new direction I have been seeing is for a single backend authentication mechanism that all systems will query directly.


All times are GMT -5. The time now is 02:52 AM.