Is there an "Active Directory" type for Linux Service
Linux - EnterpriseThis forum is for all items relating to using Linux in the Enterprise.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660
Rep:
There's nothing really similar to AD in that it's both a directory, authentication system, and service locator... I suppose NIS+ would be the closest thing, but it's not widely deployed any more. For directory there's OpenLDAP and for realm authentication there's Kerberos (what Microsoft copied and twisted into their domain authentication).
Distribution: Vector Linux 5.1 Std., Vector Linux 5.8 Std., Win2k, XP, OS X (10.4 & 10.5)
Posts: 344
Rep:
pbowrin,
Check out Samba 3 and Samba 4 at Samba.org
You should also check out the free on-line books regarding samba deployments also at Samba.org.
While Samba is not a windows AD clone, it does function as a NT or Win2k domain member. So you should be able to authenticate properly in a Win2003 domain because windows should be backwards compatible with win2k domain members.
Finally Ubuntu should work well with a samba domain controller and LDAP.
In 1996 the original developers of slapd became Netscape employees and developed Netscape Directory Server, which is now Fedora Directory Server
*LDAPv3 implementation
*4-Way Multi-Master Replication, to provide fault tolerance and high write performance
*Active Directory user and group synchronization
*Secure authentication and transport (SSLv3, TLSv1, and SASL)
*On-line, zero downtime, LDAP-based update of schema, configuration, management and in-tree Access Control Information (ACIs)
*Graphical console for all facets of user, group, and server management
We're considering implementing it for our servers here.
You can have any Linux system against AD by configuring the Winbind facility of Samba (you don't need to run the main smbd service for this, just the Winbind service).
Neither Fedora Directory Server nor the current version of eDirectory are Kerberos servers, so to provide AD-like authentication on Linux you need to run a Kerberos service in tandem with OpenLDAP/FDS/eDirectory.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.