I have a "newbie" question. I am somewhat familiar with RH8 and have been using various installs since 6.2. I now need to have RH8 boxes in our labs and need to authenticate against Win2K Active Directory.

Question 1: Can this be done easily?

Question 2: I am currently attempting to use nss_ldap and pam (included in the same pkg) in client form and have modified the ldap.conf to point to the proper base. I have also un-remmed the section pertaining to AD usage, but cannot query against the AD.

Any help would GREATLY appreciated.

Well, I guess no one here knows how to setup Linux with AD, OR no one is willing to post it here, either way...I can now use AD to authenticate all users through LDAP and map home dir's

Actually, many of us are just getting familiar with ldap and Active Directory integration.

Samba 3.0 will be using ldap to talk to AD.

I tried using one of the early versions of Samba 3.0 but didn't get it to work. Will have to try again.

Well, since I have the answer, I'll post it.

First, you should use Microsoft Services for Unix. This allows the proper LDAP Unix identifiers for UNIX/Linux/MAC OSX usage.
It will install NIS services and allow you to control Users and Groups in UNIX, so ypbind has something to query and map home directories.

You then need to setup your client to bind to LDAP with pam_LDAP and nss_LDAP. You also have to bind with administrative credentials unless you allow anonymous access to LDAP in AD. (this anonymous access IS NOT the best way to do it since it opens a large security risk)