[Beowulf] Re: Active directory with Linux
Many of your questions may have already been answered in earlier discussions or in the FAQ. The search results page will indicate current discussions as well as past list serves, articles, and papers.
Dave Love d.love at liverpool.ac.ukFri Oct 24 06:01:28 PDT 2008
- Previous message: [Beowulf] Active directory with Linux
- Next message: [Beowulf] Re: Active directory with Linux
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Prentice Bisbal <prentice at ias.edu> writes: > The trust is that if you already have and AD installation and the AD > controllers have Microsoft Services for Unix (MSSFU, or just SFU) 3.5 or > later, you have everything you need to use your AD servers as Kerberos > and LDAP masters for your Linux clients. You only need that stuff for the NSS databases (passwd, group), not for Kerberos. [I never managed to get the add-on SFE stuff to install -- even after recovering from the server being 0wned whilst it was getting security-patched -- but I guess that's not a general problem.] > If you want to go the other way around, have Linux serve as the AD > controllers, you'll need to use Samba, and I haven't had much success > with it. Samba as an actual AD controller is a Samba 4 thing, which isn't ready yet, as far as I know -- has that changed recently? The canonical way to DTRT is to have a master Kerberos server in the POSIX world, which AD trusts, and populate the POSIX and AD worlds' LDAP separately from one or more accounts databases. Basically you want to keep AD in its own world, and in a network subdomain with a sensible DNS arrangement, since AD wants to control DNS.
- Previous message: [Beowulf] Active directory with Linux
- Next message: [Beowulf] Re: Active directory with Linux
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the Beowulf mailing list