LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices

Reply
 
Search this Thread
Old 02-16-2005, 10:10 AM   #16
Lleb_KCir
Senior Member
 
Registered: Nov 2003
Location: Orlando FL
Distribution: Debian
Posts: 1,765

Rep: Reputation: 45

Quote:
Originally posted by musicman_ace
Congrats. Now that you've went through all that, have you thought of writing a how-to? Possibly the LinuxQuestions Answer?
agree, id be more then interested in seeing how you did it in a very detailed step by step fassion of a HOWTO to include pitfalls and how to avoid them.
 
Old 02-16-2005, 10:26 PM   #17
alex r
LQ Newbie
 
Registered: Feb 2005
Posts: 26

Original Poster
Rep: Reputation: 15
Sure! Give me some days for the HOWTO
 
Old 02-25-2005, 06:49 AM   #18
alex r
LQ Newbie
 
Registered: Feb 2005
Posts: 26

Original Poster
Rep: Reputation: 15
Ok, I promised a HOWTO. Yet I'm still busy with continuing my project which also includes automounting home directories and more. But to reach what I've reached there's no better HOWTO than this article:

http://www.microsoft.com/technet/its...w/01wsdsu.mspx

It's very detailed and you need some time to go through but it really works!


Write some comments if it worked for you or if you're stuck.
 
Old 02-28-2005, 03:29 AM   #19
STeeF
LQ Newbie
 
Registered: Jan 2004
Location: Holland, Reeuwijk (near Gouda)
Distribution: Debian / Redhat 9 / Fedora Core 1
Posts: 8

Rep: Reputation: 0
Quote:
Originally posted by alex r
I had to create a user with permissions to access user data on the AD
I'm facing the same problem Alex r is (or was) facing, I've to intergrate Linux workstations into the Active Directory server (windows 2003). I've not yet succesfully authenticated to the LDAP server, I'm getting the message "pam_ldap: error trying to bind (invalid credentials)" I know Alex r had created a special ldapuser which I also created but because I'm a coplete newbie in Windows Server I don't know where to active the permissions to access user data for the AD could somebody give me some hint's or tips? Where do I set these permissions?? I thought I add the ldapuser to the Administrator group would be enough

Could somone also give me some tips for the automounting of home directory's ?? can that be done automatic or do I have to write a login bash script? What is the preferred way? Samba or NFS or NIS?

Many thanks!!
 
Old 03-07-2005, 03:53 PM   #20
donahoo
LQ Newbie
 
Registered: Mar 2005
Distribution: CentOS
Posts: 1

Rep: Reputation: 0
I just added a new user to Win2k3 without any special settings. Seems to work for the LDAP binding as per the docs provided by Microsoft at

http://www.microsoft.com/technet/its...w/08wsdsu.mspx

This describes the settings for using LDAP - Active Directory - and PAM for Linux/UNIX user authentication via Active Directory server with installation of Windows Services for UNIX v3.5

--
Randy
 
Old 03-16-2005, 03:52 AM   #21
alex r
LQ Newbie
 
Registered: Feb 2005
Posts: 26

Original Poster
Rep: Reputation: 15
@STeeF:

I hope the hint from donahoo helped. I didn't checked that document but on the microsoft one I mentioned in an earlier post is a detailed description. Maybe download the pdf cause that's easier to handle. The document describes how to set up a user called 'padl' with minimum rights. If I remember right, you also need to set up a new group but I'm not sure about that anymore.

Automounting home directories sux hard! It's too much too explain it here. Read my post at the microsoft newsgroup to find out what pain you'll face.

http://groups.google.co.in/groups?hl...orunix.general

The guys are writing about using NIS but I don't have a clue how that should work. Server for NIS running at your windows server is not getting recognized and even if it does I doubt you'll get useful information from it. Since my goal is to reach maximum compatibility with Linux, users need to have the same home directory no matter with what OS they login. This means you need to share the top level folder containing the home directories two times. First, make a NFS share for your UNIX clients. Then make a SMB (normal windows) share for you windows clients. Once you get everything to work (took me quite long but my posting I mentioned above should help) you need to login as root and change NFS permissions to chmod 700 (rwx------) manually if you want to keep other users from browsing to foreign home direcories. Quite a lot of work if you have many users. Therefore think about a script
 
Old 11-04-2005, 10:27 AM   #22
Bleunique
LQ Newbie
 
Registered: Oct 2005
Posts: 8

Rep: Reputation: 0
A FC4 HOWTO in progress...

It doesn't cover everything, but I should cover the Linux portion. Post in that thread if you find errors.

http://www.linuxquestions.org/questi...50#post1907850
 
Old 11-16-2009, 04:52 AM   #23
easyrider27
LQ Newbie
 
Registered: Nov 2009
Posts: 2

Rep: Reputation: 0
The answer article

Hello,

In last post of this article (not mine); someone requested that you write up an answer article; I am just wondering if you did.. The whole process doesn't seem that straight forward and as someone who is new to this, it would be great to see a step-by-step guide.

Regards,
easy
 
Old 11-16-2009, 05:49 PM   #24
chrism01
Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.5, Centos 5.10
Posts: 16,261

Rep: Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028
Post #22 is 4(!) yrs old ... don't hold your breath.
 
Old 11-18-2009, 11:26 AM   #25
Bleunique
LQ Newbie
 
Registered: Oct 2005
Posts: 8

Rep: Reputation: 0
Quote:
Originally Posted by chrism01 View Post
Post #22 is 4(!) yrs old ... don't hold your breath.
I think he's talking about Post #15, which is pretty stinkin' old, too.

If folks have questions about the way I set it up, I'll answer questions in my thread in post #22 because, imo, it's still relevant.

I'm now using AD's Kerberos for the auth and AD's LDAP for user attribute storage, instead of LDAP auth.

I auth about 200 Linux machines and a few Solaris 10 machines using this mechanism. I have not performed any performance tweaks other than adding "referrals off" in ldap.conf for a multi-site domain. I don't have thousands, or even hundreds of users authenticating, so what works for me may not work for you.

FYI: I've had problems on RHEL involving system message bus not wanting to start on boot if ldap is inaccessible. I actually have to iLO into my machines, boot with single user mode, turn off ldap in nsswitch.conf, boot, then enable it once I get into multi-user mode. There seems to be a patch or a workaround, see: https://bugzilla.redhat.com/show_bug.cgi?id=186527, but I haven't used it as the problem has only occurred once in the last year.

AD auth works phenomenally on Solaris 10 amd64.

Last edited by Bleunique; 11-18-2009 at 11:31 AM. Reason: clarification.
 
Old 11-19-2009, 07:21 AM   #26
easyrider27
LQ Newbie
 
Registered: Nov 2009
Posts: 2

Rep: Reputation: 0
To be honest..

I'm about to embark on setting up Perforce and Teamcity with LDAP for more efficient account management.
 
Old 04-07-2010, 04:47 AM   #27
spixx
LQ Newbie
 
Registered: Apr 2009
Posts: 5

Rep: Reputation: 0
Sorry for yet another old thread bump but I've been there done that on the AD part of this: http://b-landia.net/wiki/doku.php/guide:sso
directly to the configuration part:

http://b-landia.net/wiki/doku.php/gu...#configuration
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
LDAP and Active Directory Ecalvam Linux - Networking 5 11-10-2005 08:53 AM
Postfix LDAP lookups with Active Directory paul_mat Linux - Networking 1 11-02-2005 08:44 PM
Active Directory, Kerberos, LDAP, PAM, and nsswitch PenguinPwrdBox Linux - Security 1 06-04-2005 09:56 PM
samba ldap winbindd kerberos with active directory errors xtrusion Linux - Software 0 03-21-2005 04:24 PM
migration from windows active directory to linux ldap spyghost Linux - Networking 1 08-01-2004 12:26 PM


All times are GMT -5. The time now is 01:47 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration