On Monday, 04/01/2019 at 08:21 GMT, "Harder, Pieter" <[email protected]> wrote:
> Until 2 years ago our AD was 2003. And that was a really big headache. And I
> think they dropped the last win2003 servers quite recently.
> Since moving to a more recent AD the win guys have been debating moving off
> NTLM. But it seems there are some oldish applications that don't talk Kerberos
> and require NTLM.
> Anyway, it's not my problem. But I thought I would just mention it when I saw
> your statement, in case anybody else does have NTLM still active.

To your original question, though, many clients have integrated LDAP-based clients with AD. As David said, AD is just a variation of LDAP. If all you need is authentication, then it's supposedly pretty straightforward (I've never personally done it).

Ignoring the specific application (ITM), I found this to be helpful in understanding how LDAP fits into AD:
https://www.ibm.com/support/knowledgecenter/en/SSTFXA_6.3.0/com.ibm.itm.doc_6.3/adminuse/msad_ldap_beforeyoubegin.htm#msad_ldap_beforeyoubegin__tepuser

Mostly I was happy because it had screen shots. :-) It may be that AD administration for LDAP clients is more integrated into the AD admin tools than is shown.

Alan Altmark
Senior Managing z/VM and Linux Consultant
IBM Systems Lab Services
IBM Z Delivery Practice
ibm.com/systems/services/labservices
office: 607.429.3323
mobile: 607.321.7556
[email protected]
IBM Endicott

----------------------------------------------------------------------
For LINUX-390 subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO LINUX-390 or visit
http://www.marist.edu/htbin/wlvindex?LINUX-390
