Configuring RHEL servers to authenticate with Windows Server 2008 Active Directory

Kenneth Holter kenneho.ndu at gmail.com
Wed Jan 27 14:35:54 UTC 2010


Great, thanks, I got it working.

Currently, our linux users are all members of a posix group of the same name
(i.e. user "kenneth" is a member of its own group "kenneth", which is the
default in linux as far as I know). Do you know how I can create such groups
on AD, instead of adding users to shared groups such as "unixusers"?

On Wed, Jan 27, 2010 at 1:39 PM, s u p e r n a u t <supernaut at gmx.com> wrote:

> I've used this in the past to good effect with RHEL5.3 and W2K3.  I'm sure
> you'll have to make adjustments with W2K8, but it may be a good starting
> point.
>
>
> http://www.interopsystems.com/downloads/Native_LDAP_native_Kerberos_and_AD_services.pdf
>
>
>
> ----- Original Message ----- From: "Kenneth Holter" <kenneho.ndu at gmail.com>
> To: "General Red Hat Linux discussion list" <redhat-list at redhat.com>
> Sent: Wednesday, January 27, 2010 7:58 AM
> Subject: Re: Configuring RHEL servers to authenticate with Windows Server 2008 Active Directory
>
>
>> Thanks for your reply.
>>
>> I would like the account and group information to be maintained in AD.
>> Possibly later on we'll implement kerberos too.
>>
>>
>> - Kenneth
>>
>> On Tue, Jan 26, 2010 at 5:32 PM, Marti, Robert <RJM002 at shsu.edu> wrote:
>>
>>> If you just care about authentication and not accounts, I'd set up kerberos
>>> auth - much easier.  I have no experience setting up LDAP auth, sorry.
>>>
>>> Rob Marti
>>> ________________________________________
>>> From: redhat-list-bounces at redhat.com [redhat-list-bounces at redhat.com] On
>>> Behalf Of Kenneth Holter [kenneho.ndu at gmail.com]
>>> Sent: Tuesday, January 26, 2010 10:17
>>> To: redhat-list at redhat.com
>>> Subject: Configuring RHEL servers to authenticate with Windows Server 2008 Active Directory
>>>
>>> Hello all.
>>>
>>>
>>> I'd like to set my RHEL 4 and 5 servers up to authenticate with our Windows
>>> server 2008 Active Directory. Using "authconfig --update --enableldap
>>> --enableldapauth --ldapserver=ldap.example.com --ldapbasedn=dn=example,dn=com"
>>> and adding "binddn" and "bindpw" to the /etc/ldap.conf file, it looks like
>>> the linux box is connecting correctly to the AD server. But running "getent
>>> passwd <some-linux-user-defined-on-AD>" doesn't return any result.
>>>
>>> I'm suspecting that maybe it's my nss_ldap attribute mappings that are not
>>> correct. I have no attribute mapping defined, since I would think that there
>>> would be some default mappings that would work. Are there any default
>>> mappings, and in that case what are they? Or maybe "authconfig" set up these
>>> mappings automatically? Any advice is appreciated.
>>>
>>> Best regards,
>>> Kenneth Holter
>>> --
>>> redhat-list mailing list
>>> unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
>>> https://www.redhat.com/mailman/listinfo/redhat-list


