Active Directory Authentication Howto[Scanned]
Chris Bradford
chrisbradford at cambridge-news.co.uk
Fri Jun 30 06:20:26 UTC 2006
Paul Johnson wrote:
> I understand how the krb5 provides login authentication. I can't
> understand where the user account information is obtained during the
> login process. If users don't have accounts on local pc's, how does
> this work?
>
> pj
>
> On 6/28/06, Chris Bradford <chrisbradford at cambridge-news.co.uk> wrote:
>> I've put together a howto on Authentication of FC5 boxes to Active
>> Directory, take a look if you are interested:
>>
>> http://cb-net.co.uk/readarticle.php?article_id=5
>>
>> This will also work with FC4. Any questions, please register and ask :)
>>
>> Many thanks,
>>
>> -Chris Bradford
>>
>>
>> This message has been scanned for viruses by BlackSpider MailControl
>> - www.blackspider.com
>>
>> --
>> fedora-list mailing list
>> fedora-list at redhat.com
>> To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
>>
>
>
User account information is obtained via /etc/nsswitch.conf which is
automatically configured by the redhat / fedora authconfig tool. There
are limits to what this can do, but it does enough for the
authentication process to work.
Information such as group membership is carried across from AD, although
you need to have Services For Unix installed and configured on all
domain controllers in order for this to function.
In the howto I have granted logon rights to a single AD user group which
has UNIX attributes setup for authentication on Unix/Linux workstations.
-Chris
More information about the fedora-list
mailing list