AD connection
Nalin Dahyabhai
nalin at redhat.com
Mon Jul 19 18:21:17 UTC 2004
On Mon, Jul 19, 2004 at 01:51:33PM -0400, John Dennis wrote:
> On Mon, 2004-07-19 at 13:36, Havoc Pennington wrote:
> > How much of this can we get going out of the box, or make easy?
> >
> > http://www.eweek.com/article2/0,1759,1624773,00.asp
> >
> > Havoc
>
> I believe Nalin has augmented some of this in the fc3 tree, not 100%
> sure, I've just cc'ed him.
>
> I suspect most of it can be made to work out of the box, I think a
> bugzilla should be opened on this.
>
> Dan Reed recently experimented with winbind, I wonder if his experiences
> were the same. Dan emailed a report, but I didn't save a copy. Dan what
> say you?
Like the article noted, most of this should work already. It really
boils down to configuring Samba (and possibly Kerberos) correctly,
joining the domain, and setting your nsswitch.conf and PAM
configuration files to use winbind.
I think the problems the eWeek folks ran into were caused by authconfig
attempting to make the Samba and Kerberos configuration mirror each
other in a way which turned out to just be confusing to people who
weren't expecting it, so that's going away. Not sure those changes hit
Test 1, though.
There's more configuration required if you want to have Kerberos
credentials available *after* you log in, and that hasn't been done yet.
I'll spare you the details.
Nalin
More information about the Fedora-desktop-list
mailing list