[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [K12OSN] nis,ldap,ad



You mentioned writing this up in a wiki. I'd be interested in seeing
that. :-) JSR/

On Mon, 2004-06-07 at 12:26, Henry Burroughs wrote:
> Mark,
> 
> I have been using winbind to access AD, however I am in the process of
> migrating to accessing AD via kerberos and AD (as an LDAP server).  I
> have successfully gotten my own system to authenticate and login using
> the kerberos/ldap method.  I discovered the MKSADPLUGINS.msi program
> which installs a UNIX schema in AD... hence giving you unix UIDs, GIDS,
> etc.  Finally found a .pdf file from Brazil that details the steps out
> fairly well...  maybe I should just condense it into a wiki.
> 
> It will require you to give each user a unix UID... which I would not
> want to do by hand at all... I am going to be working on a perl script
> this week to automate giving everyone existing a UID... and then php
> scripts for a secure page that I can easily add new users to AD and have
> the appropriate info already filled out.
> 
> Also, beware that your new UIDs for users will be different probably
> from winbind, unless you write a script to copy the winbind uid to the
> uid in AD.  I mainly have to worry about home directories.... so I'll
> just get new uids for everyone, and loop through the home directory
> doing something like:
> 
> cd /home/
> for userdir in `ls *`; do
> 	chown -R $userdir $userdir
> done
> 
> And most of my problems will be fixed.
> 
> I haven't personally decided if I want to phase AD out any time soon...
> but you probably could do a dump of the UNIX info in AD at a later date
> and move it to just plain ldap...  aahh... fun with Perl....
> 
> Let me know if I can help or if you want a copy of my initialize script
> (giving everyone a unix UID, other info).



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]