Download your favorite Linux distribution at LQ ISO.
Go Back > Forums > Enterprise Linux Forums > Linux - Enterprise
User Name
Linux - Enterprise This forum is for all items relating to using Linux in the Enterprise.


  Search this Thread
Old 04-02-2012, 09:15 AM   #1
LQ Newbie
Registered: Jun 2007
Posts: 4

Rep: Reputation: 0
Need assistance configuring LDAP authentication with Windows 2008 AD

I'm attempting to configure LDAP authentication on Red Hat Enterprise Linux 6.2 using SSSD with Windows Server 2008 Active Directory. At this point, I've read so many bits and pieces of this on various forums that my head's spinning. I don't know AD at all (other than what it does), and I've not configured an LDAP client before. What I really need is a step-by-step process or "cookbook", starting with the packages which must be installed, because I'm not convinced I have all of them.

Any and all info that forum participants can provide will be greatly appreciated.
Old 04-02-2012, 09:46 AM   #2
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976
well first things first... where are your posix details coming from? Without additional unix schemas installed on AD, there isn't enough information on the AD to use as an unix account server.

I configure ldap on el6 through /etc/nslcd.conf and /etc/pam_ldap.conf, not fussed about sssd personally.
Old 04-17-2012, 12:32 AM   #3
LQ Newbie
Registered: Apr 2012
Location: Ottawa, Ontario, Canada
Distribution: Linux Mint/Android 5.0
Posts: 7

Rep: Reputation: Disabled
I probably can't help to much, but I can get you off in the right direction I think. LOL, ah well here goes:

Have you added the Microsoft Identity Management for Unix Role Service to AD? If not do so.

I joined Ubuntu to my AD domain 2008R2 Server using likewise-open using ADS security settings. I saw the ldap selection in the drop down of available authentication types but I did not use it, I selected ADS instead (Active Directory Services).

I don't use RH. I did try the following with Fedora 16 and it did not work out perfectly. I did also do the following with Ubuntu 10.04 LTS and it worked perfectly.

installed likewise open and samba-winbind apt-get in ubuntu and yum in fedora.

After that I used the likewise open shortcut I found in the administration menu's of each OS and from there it is pretty self explanatory, plug in DC and REALM, select security type and click join button. As I said, I never did get it working right on Fedora 16 (64 bit) but Ubuntu 10.04 LTS did it all seamlessly.

On the Windows 2008 server side, after you install Mgmnt for Srvs for unix, create a (global/security-defaults) group and use the groups properties sheet to configure the unix attributes. You can also do the same for each unix user you create. I am also just learning Windows 2008 Server. I have had some previous experience with 2ksrv and various versions of linux.

I found it easier, being gui driven, to find the GUID of the user on Ubuntu. I still haven't figured out how to find it on Fedora. I forgot how to do it and have had time to google it yet:-)



Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
RHEL6, Windows 2008, LDAP Hejemin Linux - Server 4 05-19-2012 10:28 AM
intigration of windows 2008 server with open ldap yasir453 Linux - Server 6 10-01-2010 06:31 PM
Configuring Ubuntu 9.10 as client to use Samba/LDAP server for user authentication Xyan Ubuntu 1 01-24-2010 02:22 AM
Configuring LDAP as central authentication server with vsftpd and smb domain l0pht Linux - Server 1 01-01-2010 01:08 PM
ldap on ubuntuserver + windows terminalserver 2008 stian General 2 06-25-2009 09:33 AM > Forums > Enterprise Linux Forums > Linux - Enterprise

All times are GMT -5. The time now is 08:45 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration