Authenticatind Against two Domains

Jeff Mitchell jam6 at cec.wustl.edu
Mon May 3 05:17:56 UTC 2004


Semi true...Microsoft includes a RADIUS server with their server OSes that
will (natively) talk to Active Directory.  It's called the Internet
Authentication Service.

--Jeff

----- Original Message ----- 
From: "Leon Vernikov" <vernikov at cisco.com>
To: <forums at harake.net>; "Pluggable Authentication Modules"
<pam-list at redhat.com>
Sent: Sunday, May 02, 2004 11:42 PM
Subject: Re: Authenticatind Against two Domains


> AD doesn't support Radius protocol.
> AD supports NTLM and LDAP only.
>
> Best regards,
>
> Leon
>
>
> forums wrote:
>
> > How about Radius
> >
> > ---------- Original Message ----------------------------------
> > From: "forums" <forums at harake.net>
> > Reply-To: forums at harake.net,Pluggable Authentication Modules
<pam-list at redhat.com>
> > Date:  Thu, 29 Apr 2004 08:23:29 -0400
> >
> > >I would like to know if there is a way that I can setup a linux box
> > >between two different windows domains / ADs
> > >we have organization A and organization B.
> > >Each organization has its own infrastructure. We would like to put a
> > >server between the two organizations with a share on it, that both
> > >organizations can share files on. I would like full rights to only to
> > >users that need to have access to that share, the ability to fully
> > >login.
> > >So I am thinking that it will be done in such way that users try to
> > >connect to the share (drive S:) and they will be authenticated against
> > >KDC "A" if that fails, they will be authenticated against KDC "B". if
> > >that fails they will get a message saying that it failed. I don't mind
> > >creating accounts on the local machine, but I don't want to have to
> > >synchronize passwords, and I can't have a user with an account on both
> > >systems, and I can't have trusts between the two domains.
> > >I think it could be done using PAM and Kerberos. Any help will be
> > >greatly appreciated. I prefer to have that on a Solaris 9 system, but
> > >I don't mind installing it on a Linux system.
> > >Thanks,
> > >Hodrige.
> > >
> > >---
> > >[This E-mail scanned for viruses]
> > >
> > >
> > >_______________________________________________
> > >Pam-list mailing list
> > >Pam-list at redhat.com
> > >https://www.redhat.com/mailman/listinfo/pam-list
> > >---
> > >[This E-mail scanned for viruses]
> > >
> > >
> > ---
> > [This E-mail scanned for viruses]
> >
> > _______________________________________________
> > Pam-list mailing list
> > Pam-list at redhat.com
> > https://www.redhat.com/mailman/listinfo/pam-list
>
>
> _______________________________________________
> Pam-list mailing list
> Pam-list at redhat.com
> https://www.redhat.com/mailman/listinfo/pam-list
>





More information about the Pam-list mailing list