You might also want to look at the following solution: http://laaad.sourceforge.net/en/index.html
The idea behind the project is to apply SFU schema extensions, and making the clients authenticate using LDAP/SSL instead of NIS as opposed to vanilla SFU. if you want, you can also make clients authenticate against AD's Kerberos realm. Actually the problem is not authentication, but having a single store for user account properties in AD (Posix account properties in the case of Linux/Unix) and that is what SFU schema extensions do in this case. Guy On Sat, 2004-02-07 at 02:27, [EMAIL PROTECTED] wrote: > Jennifer, > > The first solution that was presented to you by Tom [AD4Unix] is a solution that > we've implemented in the past. It uses the schema extensions from SFU, and it's a > fairly easy to manage and easy to install solution. Not lots of bells and whistles, > and does require that all of your systems are a part of NIS - which can be > arbitrarilly defined. IOW, it doesn't have to be an official and stringent NIS, > just something for AD to know who is and who isn't playing in your ballpark. > > As to SFU 3.5, I believe that Rod Trent or Jackson suggested it, and you can > certainly use it to great advantage as well. The VAS solution is a fantastic > product, but many folks are put off by the cost. It all depends on how 'seamless' > you want the solution, obviously offset by the 'pocket book' factor. > > Good luck! > > Rick Kingslan > Microsoft MVP - Active Directory > > > > > From: "Jennifer Fountain" <[EMAIL PROTECTED]> > > Date: 2004/02/06 Fri PM 05:11:49 EST > > To: <[EMAIL PROTECTED]> > > Subject: RE: [ActiveDir] Integrate Linux with AD > > > > > > > > Hot off the press. > > > > > > Solution Guide for Windows Security and Directory Services > > > for UNIX Using Active Directory and Kerberos for > > > authentication and identity store in a heterogeneous UNIX and > > > Windows IT environment. > > > > > > http://www.microsoft.com/downloads/details.aspx?FamilyId=144F7 > > > B82-65CF-4105- > > > B60C-44515299797D&displaylang=en > > > > > > > Could I use Services for Unix? Would that work instead of buying VAS? > > > > Jennifer > > List info : http://www.activedir.org/mail_list.htm > > List FAQ : http://www.activedir.org/list_faq.htm > > List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ > > > > List info : http://www.activedir.org/mail_list.htm > List FAQ : http://www.activedir.org/list_faq.htm > List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ -- List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
