multi-server/single source authenticaton was Re: [K12OSN] Networking a new school for K12LTSP?
Les Mikesell
les at futuresource.com
Thu Feb 1 23:42:23 UTC 2007
john wrote:
> Thanks for your thoughts, John. I'll look for that book. I'd prefer to
> go all LDAP, but currently I haven't gotten the Ok to do that, primarly
> because it's not obvious how we would get Windows machines to
> authenticate via LDAP.
Windows machines can authenticate against a samba domain, which in turn
stores its user/password database in LDAP. You've probably seen that
scenario called samba/ldap here.
The opposite approach is also possible. You can use smb authentication
on the Linux side against a windows domain. This isn't quite as slick
as winbindd because you have to create the linux accounts yourself but
it avoids the problems of getting random uids and you don't have to
manage a separate password.
--
Les Mikesell
les at futuresource.com
More information about the K12OSN
mailing list