LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Enterprise (https://www.linuxquestions.org/questions/linux-enterprise-47/)
-   -   Authentication against ADS adn FDS (https://www.linuxquestions.org/questions/linux-enterprise-47/authentication-against-ads-adn-fds-561890/)

Hep 06-14-2007 04:37 PM

Authentication against ADS adn FDS
 
Hi,

I have two directories servers, one Active directory and the other is a Fedora Directory. Now I need to authenticate users from both directories. Is there any kind of gateway to use as a central authentication server?. I was reading about CAS and Java Identity Manager but I am looking for other options.

Thanks.

mallux 06-28-2007 03:35 PM

Hi Hep

There are many options here and it really depends on your intended usage. I don't know about a central gateway but Fedora directory server is capable of replicating user accounts and passwords from AD, so if you want to authenticate from your Linux machines then you would set up a replicated users OU and point them at the FDS as usual - all your AD users will appear alongside your Linux accounts in the same directory.

It can also replicate users back to AD, which means that if your users want to use a Windows client they can login with the same details, only this time authenticating against the Windows AD server as usual.

Alternatively if you don't want to maintain two separate directories then you could look at merging them into one (perhaps taking the opportunity to do a clean-up and redesign where necessary). Theoretically you could use either technology, but if you want to authenticate Windows hosts against a Linux directory server you would need to replace MSGINA on the Windows boxes with something capable of generic LDAP authentication and I'm not sure I'd fancy doing that on my network. Linux machines are of course capable of authenticating against an AD server, though you have to consider where the *nix-specific account info is going to come from (installing MS services for Unix is one option).


All times are GMT -5. The time now is 06:47 AM.