Authenticating Unix/Linux with 2k3 AD

G

Guest

Does anyone know how we can go about autheticating UNIX and LINUX boxes
against 2K3 AD. I am not looking to use WSFU. I would prefer a way to use
an LDAP module with UNIX or LINUX. Has anyone had experience with this and
if so can you share any information
 
H

Herb Martin

Joe Flynn said:
Does anyone know how we can go about autheticating UNIX and LINUX boxes
against 2K3 AD. I am not looking to use WSFU. I would prefer a way to use
an LDAP module with UNIX or LINUX. Has anyone had experience with this and
if so can you share any information
Click to expand...

In theory at least there are two methods:

Make them NTLM clients with some of the SMB
software out there.

Arrange for Kerberos authentication (MIT v5).

I cannot describe the details but either/both should
work with varying degrees of difficulting (NTLM
is likely easier).

Probably the NTLM machines will never have an
"account" but be treated more like Win9x in
"association" with the domain.

With Kerberos trusts, they will likely be in a different
realm and act like a trusted domain.
 
J

Joe Richards [MVP]

While it is possible to use LDAP for auth it isn't recommended as it isn't
secure. The mechanisms usually rely on simple binds which are completely clear
text across the network. You want to look at implementing kerberos if you want
to do it right.

joe
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Linux gaming hasn’t just improved, it’s evolved. 10
Win2K AD with SFU 3.5 upgraded to Windows 2003 R2 3
LDAP traffic across sites 1
Sailpoint IDM Consultants for Pittsburgh, PA! 0
Ownership of Unix copyright headed to trial 5
Cannot login from Linux client using SFU 3.5 1
Use AD as external Addressbook 2
Facts about Unix 25

Top