Quote:
Sure! Give me some days for the HOWTO :study:
Ok, I promised a HOWTO. Yet I'm still busy with continuing my project which also includes automounting home directories and more. But to reach what I've reached there's no better HOWTO than this article:
http://www.microsoft.com/technet/its...w/01wsdsu.mspx
It's very detailed and you need some time to go through but it really works! Write some comments if it worked for you or if you're stuck.
Quote:
Could someone also give me some tips for the automounting of home directories? Can that be done automatically or do I have to write a login bash script? What is the preferred way? Samba or NFS or NIS? Many thanks!!
I just added a new user to Win2k3 without any special settings. Seems to work for the LDAP binding as per the docs provided by Microsoft at
http://www.microsoft.com/technet/its...w/08wsdsu.mspx
This describes the settings for using LDAP - Active Directory - and PAM for Linux/UNIX user authentication via Active Directory server with installation of Windows Services for UNIX v3.5
-- Randy
@STeeF:
I hope the hint from donahoo helped. I didn't check that document but the Microsoft one I mentioned in an earlier post has a detailed description. Maybe download the pdf cause that's easier to handle. The document describes how to set up a user called 'padl' with minimum rights. If I remember right, you also need to set up a new group but I'm not sure about that anymore.

Automounting home directories sux hard! It's too much to explain it here. Read my post at the Microsoft newsgroup to find out what pain you'll face.
http://groups.google.co.in/groups?hl...orunix.general
The guys are writing about using NIS but I don't have a clue how that should work. Server for NIS running at your Windows server is not getting recognized and even if it does I doubt you'll get useful information from it.

Since my goal is to reach maximum compatibility with Linux, users need to have the same home directory no matter with what OS they log in. This means you need to share the top level folder containing the home directories two times. First, make an NFS share for your UNIX clients. Then make a SMB (normal Windows) share for your Windows clients. Once you get everything to work (took me quite long but my posting I mentioned above should help) you need to log in as root and change NFS permissions to chmod 700 (rwx------) manually if you want to keep other users from browsing to foreign home directories. Quite a lot of work if you have many users. Therefore think about a script :D
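
The kind of script the post above suggests, as an added example that is not part of the original thread: it previews or applies mode 700 on each per-user directory under the exported top-level folder. The function name `harden_homes`, the one-directory-per-user layout and the use of GNU `stat -c` are assumptions.

```shell
#!/bin/sh
# Added example (not from the thread): tighten per-user home directories
# that sit directly below one exported top-level folder.
# Assumptions: one directory per user under ROOT, GNU coreutils stat.

# harden_homes ROOT [--apply]
# Lists every directory whose mode is not 700. With --apply it also runs
# chmod 700 on it. The number of directories found is left in HARDEN_COUNT.
harden_homes() {
    root=$1
    apply=${2:-}
    HARDEN_COUNT=0
    [ -d "$root" ] || { echo "no such directory: $root" >&2; return 2; }
    for dir in "$root"/*; do
        # Only real directories: chmod follows symlinks, so a link placed
        # in ROOT would redirect the mode change to its target.
        [ -d "$dir" ] || continue
        [ -L "$dir" ] && continue
        case ${dir##*/} in lost+found) continue ;; esac
        mode=$(stat -c '%a' "$dir") || continue
        [ "$mode" = "700" ] && continue
        HARDEN_COUNT=$((HARDEN_COUNT + 1))
        if [ "$apply" = "--apply" ]; then
            # Not recursive on purpose: only the top of each home is
            # changed, files inside keep the modes their owner chose.
            chmod 700 "$dir" &&
                echo "fixed      $mode -> $(stat -c '%a' "$dir")  $dir"
        else
            echo "would fix  $mode -> 700  $dir"
        fi
    done
    return 0
}
```

Run it as root on the machine that holds the share, first without `--apply` to review the list. Re-running it after new accounts are created catches directories that were made with the default mode.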
A FC4 HOWTO in progress...
It doesn't cover everything, but I should cover the Linux portion. Post in that thread if you find errors.
http://www.linuxquestions.org/questi...50#post1907850
The answer article
Hello,
In the last post of this article (not mine), someone requested that you write up an answer article; I am just wondering if you did. The whole process doesn't seem that straightforward and as someone who is new to this, it would be great to see a step-by-step guide.
Regards, easy
Post #22 is 4(!) yrs old ... don't hold your breath.
Quote:
If folks have questions about the way I set it up, I'll answer questions in my thread in post #22 because, imo, it's still relevant. I'm now using AD's Kerberos for the auth and AD's LDAP for user attribute storage, instead of LDAP auth. I auth about 200 Linux machines and a few Solaris 10 machines using this mechanism. I have not performed any performance tweaks other than adding "referrals off" in ldap.conf for a multi-site domain. I don't have thousands, or even hundreds of users authenticating, so what works for me may not work for you.

FYI: I've had problems on RHEL involving system message bus not wanting to start on boot if ldap is inaccessible. I actually have to iLO into my machines, boot with single user mode, turn off ldap in nsswitch.conf, boot, then enable it once I get into multi-user mode. There seems to be a patch or a workaround, see: https://bugzilla.redhat.com/show_bug.cgi?id=186527, but I haven't used it as the problem has only occurred once in the last year. AD auth works phenomenally on Solaris 10 amd64.
To be honest..
I'm about to embark on setting up Perforce and Teamcity with LDAP for more efficient account management.
Sorry for yet another old thread bump but I've been there, done that on the AD part of this: http://b-landia.net/wiki/doku.php/guide:sso
directly to the configuration part: http://b-landia.net/wiki/doku.php/gu...#configuration