linux authentication with Windows Active Directory
 

Hello all, this is my first post here and I hope that it is in the right place. I am an IT guy who has been using Microsoft products since the early 80's, but I am new to Linux and excited about the prospects of utilizing it for a workstation at the office.

My question is this...Is there an easy to get a Linux box to authenticate with Active Directory? I have 2 servers at the office running Windows Server 2003 and would need to be able to authenticate to the network for Linux to be a viable workstation choice for me.

Again, I apologize if this is not the correct place for this question...if not, then let me know where to post such questions in the future.

I searched the forum for Active Directory Authentication and found pages full of complicated setups, but I need to know if there is a GUI way or some simpler way.

By the way, I just removed Windows from my home desktop, my personal laptop, and my netbook and replaced them with versions of GNU/Linux (prefer Debian-based at this time, such as Ubuntu, Mint, etc...go GNU/Linux!!

Hello Carlicus,

it is possible to integrate a Linux-computer into a Windows-AD-domain. If it is easy.... I don't know. As far as I know you'll have to use the samba package. And I think I've read that Suse has a builtin support for AD (but I'm not sure).

Maybe you'll better post this issue in the "Linux-Server" part of this forum http://www.linuxquestions.org/questi...nux-server-73/.

Markus

Markush,

Thank you for your quick and courteous reply. I will do as you suggested and post in Linux-Server area.

I was shocked when I googled 'linux active directory' and got this --> http://technet.microsoft.com/en-us/m....12.linux.aspx an actually well written howto on configuring linux for authenticiating with winbind - on MS-technet! Will wonders ever cease. Anyway, one of the things you will soon discover about linux is there is always a way but the more complicated tasks usually require 1) commandline tools 2) google 3) editing several text config files. Do not count on finding a GUI that will cover all your needs here.

I hope that helps. If not, I saw lots of info on my google search, and I see that this question has been asked at least 6 times to other sections of this forum so there are answers out there.

Welcome to Linux!!!

Hello Gillbertiddio,

thank you for that interesting link.

Markus

Note that if you just want to connect your Linux box as a wkstn to an MS-server, you only need the client sw (at the cmd line it'll be smbclient). Don't end up trying to install the server stuff as well.
:)

Thanks everyone for the responses...I appreciate it!

IMHO, it's not surprising that there was a well-written MS article. They tend to document rather well.

The samba wiki also has a section on integrating with AD.

http://wiki.samba.org/index.php/Samb...tive_Directory

I found it helpful, though I had to do a couple of things differently. I put up my own page at
http://home.roadrunner.com/~computer...u/adsamba.html

I found it fairly straightforward to do.

My Linux box is connected to window's Active Directory.
On linux terminal-
Wbinfo -u :- showing me all domain users
wbinfo -g := showing me all AD groups.

Now the problem is anyone who has domain account can login to linux box. I want to restrict access to linux box depending on AD groups.
Users in only particualar group should able login to box.
Not all AD users. Is there any way to restrict it.
Please help.. i searched a lot but could not find any answer..

Hello vhiware,

that's no problem. In the active-directory you'll have to configure the properties of the users. In the Tab Account->"Log On To" you can configure which user may logon which computer.

You may create an OU for users which can logon your Linux-box and another OU for those who may not.
But I'm not sure about the next step, maybe the simple way is to chose all useraccounts and change their properties together. If this isn't possible you'll have to search for a policy which handels logons to computers.

Markus