Windows Linux interoperability

fabian fabian79 at gmx.it
Thu Nov 14 08:49:04 EST 2002


Thank you I will try the freeware solution

Fabian


""Rechenberg, Andrew"" <arechenberg at shermfin.com> ha scritto nel messaggio
news:8075D5C3061B9441944E137377645118012D84 at cinshrexc03.shermfin.com...
> There are a number of options that one can use to accomplish what you
> want.  We currently use MS SFU Server for NIS on the Windows 2000 DCs,
> and ypbind and pam_smb on the Linux box and the configuration works
> quite well.
>
> We also used nss_ldap for a while as well, but stock AD only returns the
> first 1000 objects for a query and some programs like 'id' don't work
> very well in our situation.  A freeware program called AD4UNIX will
> extend the schema of your directory like SFU NIS and then you can use
> nss_ldap without paying a license for Services for UNIX (it's only $99,
> but still not free).
>
> I've been working on a Linux-ActiveDirectory Integration HOWTO for some
> time but you know how time goes :)  I'll try to get it done before
> January.
>
> Let me know if you have any more questions.
>
> Andy.
>
>
> -----Original Message-----
> From: bafian o{-<]: [mailto:fabian79 at gmx.it]
> Sent: Wednesday, November 13, 2002 10:22 AM
> To: kerberos at mit.edu
> Subject: Windows Linux interoperability
>
>
> Hi all,
> I've a AD domain which contains all user accounts and now i want to
> insert a
> linux
> box in the domain.
>
> My first goal was to use kerberos authentication to telnet to the linux
> box
> with the ktelnet utility
> from a windows XP workstation.
> This works fine using the AD KDC and MIT kerberos telnetd on linux i can
> authenticate to
> the KDC recive a krbtgt ticket and then telnet to linux.
>
> My problem is now to map users accounts from windows AD to linux.
> I don't know what is the best solution to do that:
>     -using LDAP
>     -configuring a MIT realm on linux and then setting up a trust
> relationship between this two domains
>     -i've read somewhere you can do that with PAM, but i don't know
> where to
> start
>
> Can anyone help me?
>
> Thanks
> Fabian Necci
>
>
> ________________________________________________
> Kerberos mailing list           Kerberos at mit.edu
> http://mailman.mit.edu/mailman/listinfo/kerberos
> ________________________________________________
> Kerberos mailing list           Kerberos at mit.edu
> http://mailman.mit.edu/mailman/listinfo/kerberos
>





More information about the Kerberos mailing list