[wellylug] Active Directory authentication in Linux

[Franck]

Hi,

This is funny you're talking about it because I'm inside all the way 
from head to toe.
I'm currently working about migrating from NIS to AD and the major 
problem for us is to carry history over to AD.
I don't really care about mounting CIFS users directories as this part 
is handled by something else (common shared space across NFS and CIFS on 
the NAS head of the SAN). But it is a requirement to hold all UID/GID, 
groups information and all the automap features in AD as well. And this 
where it gets really dirty.

It seems that it is quite simple if you want to start from scratch with 
AD, using some unix features but stock up automap and it's a mess.

I tried the kerberos/winbind but it's doesn't include UID/GID mapping or 
translation, I need ldap to get this kind of information.

I'm trying to build a setup with kerberos/SSSD for authentication and 
LDAP for automaps, it is not simple nor straight forward to be honest 
but the good thing is AD is quite malleable in my case.

Jason mentioned the RedHat guide to RHEL 6 integration with AD and they 
are a very good source of information.

Best Regards.
Franck

Le 19/11/13 21:21, Neil Ramsay a écrit :
> Hi guys,
>
> I am looking at how to integrate Active Directory authentication in 
> Linux.
> Many years ago, I got Linux authenticating against Kerberos/LDAP with 
> great success, but it was a very manual process.
>
> Has anyone done Active Directory authentication in Linux at work, and 
> what approach did you take?
>
> Cheers,
> Neil
>
>