Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Can i add my linux box to be one of the Windows 2003 server domian members, in other words can the authentication process of the linux client done by the windows 2003 ent. server.
i use RHEL 3.0 WS as my distro.
and another question the right opposite....
can i make all the windows client to be authenticated by my redhat linux server.
I know that you can have windows client to authenticate to your linux system, running a samba server on your RH box. All the process will be transparent to the client. This is slightly different from ADS but it will works the same.
About the opposite... I really dont know, but I would believe that you can't. I really doubt Micro$oft made a way for any system other than M$ systems to authenticate to ADS. But i'm not quite sure, maybe some hackers already reverse engineered the authentication process. My best guess would be to first take a look at Samba website... In worst case I _think_ you can setup LDAP on a Windoze box, you could use that to authenticate Unix client (this is just a guess).
Using Samba's "winbind" and kerberos, a linux client can be configured to join and authenticate against a Microsoft AD controller. I do it here. See: Samba ADS Domain Membership
Greetings
I am also trying to get a RH9 Samba server to authenticate to a Win 2003 AD. Any help would be much appreciated...perhaps if scowles reposts his link with an actual link?
Originally posted by scowles Using Samba's "winbind" and kerberos, a linux client can be configured to join and authenticate against a Microsoft AD controller. I do it here. See: Samba ADS Domain Membership
Note, does not work in 2003 AD native mode (at least not for me...).
Originally posted by Brian Knoblauch Note, does not work in 2003 AD native mode (at least not for me...).
Interesting! Thanks for pointing this out. When I checked the properties of my 2003 AD controller, it says its set to 2000 native mode. Which works fine with linux winbind/kerberos (at least at this end).
I might have to find some time to setup an AD controller in the lab and try raising the functional level to 2003 and see if I can't get linux winbind/kerberos and AD to play together.
Originally posted by scowles Interesting! Thanks for pointing this out. When I checked the properties of my 2003 AD controller, it says its set to 2000 native mode. Which works fine with linux winbind/kerberos (at least at this end).
I might have to find some time to setup an AD controller in the lab and try raising the functional level to 2003 and see if I can't get linux winbind/kerberos and AD to play together.
If you do, I'd be very interested in the results. I have Linux and Mac boxen that won't play nice with all my Windows equipment. Sure would be nice to get them to talk to Active Directory.
I don't know if the protocols themselves changed much in 2003 native mode, but I do seem to remember that the ports changed (old NetBIOS ports have been abandoned). I would expect that a lot of the gaping security holes in the "NetBIOS" support have been patched and not just moved to a new port? :-)
Just thought i'd pip in to say Kerby auth works fine on my SuSE 9.2 test box with our 2003 native mode setup. With pur current fileserver running out of space i am contemplating running a Samba 3 Winbind/Kerb setup on an additional box - perhaps even taking the current 2003 based server down and putting it on there also (Does no AD stuff anyways) as the virtual filing system would make future drive expansion easier.
Does anyone know of any perils with running Winbind? I seem to hear one fellow having his SIDs go out of sync between samba and windows, which sounds rather serious!
How about Quotas, is that easy enough to setup? Because i've read of some place that is basically selling these linux boxes with a terabyte of storage rather cheaply, but they lack quota control & don't intend to bring anything out to address that so far.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.