[K12OSN] centos4 and AD (Fedora Directory Server)

Henry Burroughs hburroughs at HHPREP.ORG
Thu Jun 30 17:40:39 UTC 2005


I am eagerly watching what happens with Fedora Directory Server
(directory.fedora.redhat.com).  One of the next todos is to get it to
automatically create the posixuser information (it is not done by
default when adding a new user, you have to check it off and enter all
the info).

I tested it out briefly during the Samba/LDAP session at NELS a few
weeks ago (mmmm.... VMWare 5....).  Installed really easy and I got it
quickly authenticating my box.  I am interested in the active directory
sync abilities.  I want to use it to replicate all my users from AD over
to Fedora Directory Server, then eventually get a SAMBA/Fedora Directory
Server setup going and then start joining my XP machines to the new
domain, then eventually kill the Active Directory Server, or setup a new
Domain (new name, etc) and have it be secondary so the exchange server
will work ( I can't get rid of exchange...).

However, there is no samba schema for Fedora Dir Server yet.... but it
looks like the stub for a howto is there.   I might hack on it if I get
a chance...

I also couldn't get the unix group information setup correctly (as in I
could create groups, but I couldn't enter the posixgroup information). 
But hey, now that it is OSS, the new features should come quickly.

For the meantime:

I might recommend using Services for Unix to provide the posixgroup
information in AD and then use a combination of LDAP auth to AD and
kerberos for password... although if you can get LDAP passwd working
with AD more power to you.

> ______________________________________________________________________
> From: Les Mikesell <les at futuresource.com>
> To: Support list for opensource software in schools. <k12osn at redhat.com>
> Subject: Re: [K12OSN] centos4 and AD
> Date: Wed, 29 Jun 2005 13:52:01 -0500
> On Wed, 2005-06-29 at 12:45, Mark Gumprecht wrote:
> > What is 
> > the best solution for centralized authentication? AD, NDS, LDAP/SAMBA? I 
> > have a mixed bag here of 98,win2k,xp,linux,osx. After this latest 
> > incident, I'm quite temped to over haul the whole thing this summer!
> I think there will be a new and better option when Red Hat releases the
> 7.1 version of Red Hat Directory Server. 
> http://www.redhat.com/docs/manuals/dir-server/
> This was once the Netscape directory server and from all accounts has
> more features and is more robust than openldap.  Is anyone currently
> working with samba/ldap watching this?
> -- 
>   Les Mikesell
>    les at futuresource.com

More information about the K12OSN mailing list