[Beowulf] Active directory with Linux

Prentice Bisbal prentice at ias.edu
Thu Oct 23 11:16:21 PDT 2008


John Hearns wrote:
> I have to confess my Google skills have failed me.
> If I'm not wrong, there was a recent discussion in these parts re. using
> Active Directory
> with Linux. I think there was a commercial product mentioned, which was
> quite good.
> Can anyone remind me please?

You're probably thinking of Centrify or Likewise. Don't waste your money
either of them. I looked closely at Likewise, and even started to
implement it, but then abondoned it, because it doesn't allow you to
assign UIDs and GIDs - it generates them on each client using a
predictable, repeatable (is that redundant?) hash based on login name,
so that there are no ID collisions across machines.

The trust is that if you already have and AD installation and the AD
controllers have Microsoft Services for Unix (MSSFU, or just SFU) 3.5 or
later, you have everything you need to use your AD servers as Kerberos
and LDAP masters for your Linux clients. I've successfully done it here
on some test systems. It will be rolled out site-wide as soon as I get
the time.

Believe it or not, Microsoft has this all well-documented, and has very
helpful website on the topic:

http://blogs.msdn.com/sfu/

I even contacted support through this website, and got a very quickly
(less than an hour, I think)

If you want to go the other way around, have Linux serve as the AD
controllers, you'll need to use Samba, and I haven't had much success
with it.

What is this world coming to? I'm actually recommending Windows for
something!

--
Prentice



More information about the Beowulf mailing list