LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 12-14-2005, 11:37 AM   #1
Wha?Where?
LQ Newbie
 
Registered: Jul 2005
Posts: 19

Rep: Reputation: 0
Windows Active Directory


Here is my layout. I have a HQ at one site call it site A. I have a remote branch office call it site B. Site A and Site B are connected over a FW to FW VPN.

Site A:
Windows 2000 Active Directory network. All windows clients

Site B:
Linux file server using Samba and FC4. All windows clients.
Users log into their machines (all machines are in a workgroup and not members of the domain) and only need a server for file sharing so I didn't see any reason to pay for Windows server there. They rarely needed to get into the HQ.

I know there is a way to connect Linux servers with Windows AD servers, but is there a way to then authenticate the client PCs in Site B so that they will be able to pass their user credentials to the AD network to authenticate properly with things like Exchange and other network resources?
 
Old 12-14-2005, 12:29 PM   #2
Tinkster
Moderator
 
Registered: Apr 2002
Location: in a fallen world
Distribution: slackware by choice, others too :} ... android.
Posts: 23,067
Blog Entries: 11

Rep: Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910
Use the search, Luke...


http://www.linuxquestions.org/questions/t363721.html
Also came up as the top-hit in
http://www.google.co.nz/linux?hl=en&...G=Search&meta=

The second down also looked very promising:
http://www.windowsnetworking.com/art...Directory.html



Cheers,
Tink
 
Old 12-14-2005, 02:26 PM   #3
Wha?Where?
LQ Newbie
 
Registered: Jul 2005
Posts: 19

Original Poster
Rep: Reputation: 0
Tink,

Thanks for the reply. I posted this question in the noob section because I am not sure I know what it is I am trying to do.... Those links are great places to start.

I guess my question is once I get my fedora core 4 server authenticated and joined to AD does winbind pass the login requests from the clients upstream to the DC?
 
Old 12-14-2005, 02:31 PM   #4
Tinkster
Moderator
 
Registered: Apr 2002
Location: in a fallen world
Distribution: slackware by choice, others too :} ... android.
Posts: 23,067
Blog Entries: 11

Rep: Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910
I don't think that it would - but if there's a VPN why
don't you just authenticate against the real thing in
the first place? FC as such doesn't have means to run
AD out of the box.

Read this one for more info:
http://www.pcquest.com/content/linux/2005/105010303.asp


Cheers,
Tink
 
Old 12-14-2005, 03:30 PM   #5
Wha?Where?
LQ Newbie
 
Registered: Jul 2005
Posts: 19

Original Poster
Rep: Reputation: 0
For some odd reason setting up Exchange on the Outlook 2003 clients doesnt "see" the domain controller thru the VPN. I have ANY to SERVER on ALL ports using a 3DES VPN... so you would think that going thru the Outlook config and plugging in the IP of the exchange server since the clients have no way of resolving mydomain.local would work and authenticate the user (aside from setting up a local hosts file - which I have done in some cases). But it doesn't. I was hoping that creating some kind of global catalog server in the local workgroup would fix this problem. I am going crazy and am grasping at straws now. And since LINUX is my savior in some other cases I figured its magic may help me out here.

FYI I get IMAP configured find on the clients in the office. I guess I need to start to think of something else.
 
Old 12-14-2005, 04:28 PM   #6
farslayer
LQ Guru
 
Registered: Oct 2005
Location: Northeast Ohio
Distribution: linuxdebian
Posts: 7,241
Blog Entries: 5

Rep: Reputation: 190Reputation: 190
Windows DNS makes use of resource records that the clients use to locate things like domain controllers. why not just enter your windows DNS server IP into the config of the workstations ? then when they need to find a machine, service, authenticate , they can do a DNS lookup to find out where they need to go.

If you are running a Windows 2000 or 2003 server with Active directory you have DNS running on the domin controller it is required.
 
Old 12-15-2005, 07:24 PM   #7
Wha?Where?
LQ Newbie
 
Registered: Jul 2005
Posts: 19

Original Poster
Rep: Reputation: 0
I think I acutally fixed the problem I had... and it was the last place I looked of course. I rearranged my FW rules to place the VPN rule at the top and things are working much better.

The reason I don't point my client pcs at the AD DNS Server is because they are laptops that require DHCP. I just put in a custom HOSTS file.
 
Old 12-15-2005, 10:17 PM   #8
farslayer
LQ Guru
 
Registered: Oct 2005
Location: Northeast Ohio
Distribution: linuxdebian
Posts: 7,241
Blog Entries: 5

Rep: Reputation: 190Reputation: 190
DHCP can hand out the Address of the DNS server... Let it do the work for you.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
RHEL4 authentication to Windows 2003 Active Directory rtkaczyk Linux - Enterprise 40 10-29-2007 08:27 PM
connecting samba to a windows 2003 active directory domain Jcrofton Linux - Networking 8 09-17-2006 07:07 PM
Authenticating Linux against Windows 2003 Active Directory Builder Linux - Enterprise 26 08-30-2005 04:56 AM
ladp auth from windows active directory kjsubbu Linux - Networking 1 07-18-2005 05:27 PM
migration from windows active directory to linux ldap spyghost Linux - Networking 1 08-01-2004 01:26 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 02:54 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration