multi-server/single source authenticaton was Re: [K12OSN] Networking a new school for K12LTSP?

john lists.john at gmail.com
Thu Feb 1 22:53:36 UTC 2007 

Thanks for your thoughts, John. I'll look for that book. I'd prefer to go
all LDAP, but currently I haven't gotten the Ok to do that, primarly because
it's not obvious how we would get Windows machines to authenticate via LDAP.

John

On 1/30/07, John Lucas <mrjohnlucas at gmail.com> wrote:
>
> On Tuesday 30 January 2007 18:40, john wrote:
> > This has been an interesting thread. It makes me want to raise my own
> > question.
> >
> > Is it possible to do multi-server/single source authenticaton using
> Active
> > Directory rather than LDAP? Right now, we're not able to drop active
> > directory for students, but will probably need to add servers as our
> LTSP
> > experiment moves forward. The sticking point has been the way
> winbind/samba
> > creates and maps unix passwords to windows passwords. Essentially each
> > installation of Linux that uses Active Directory for authenticaton ends
> up
> > with their own local user/pass db that makes centralized NFS homes
> > semi-impossible. Has anyone figured out how to scale Linux and AD?
> >
> > John
> >
>
> First a caveat: I have not (yet) tried to use AD for Linux authentication,
> but
> I have looked into it somewhat. Since AD is primarily LDAP and Kerberos,
> it
> should be possible, and chapter 9 of "LDAP System Administration" by
> Gerald
> Carter (published by O'Reilly) has a pretty good step by step description
> of
> how to go about it. You will need administrative rights to the Windows
> server, since there will be some additional configuration required.
>
> BTW anyone using LDAP should be interested in the above mentioned book, it
> is
> a very good practical guide for many uses of LDAP. Highly recommended.
>
> --
>         "History doesn't repeat itself; at best it rhymes."
>                         - Mark Twain
>
> | John Lucas                          MrJohnLucas at gmail.com
> |
> | St. Thomas, VI 00802                http://mrjohnlucas.googlepages.com/|
> | 18.3°N, 65°W                        AST (UTC-4)
> |
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/k12osn/attachments/20070201/a0522fd6/attachment.htm>

More information about the K12OSN mailing list