On Thu, 30 Jun 2011, Hoover, Tony wrote:
We use pGINA (www.pgina.org) to authenticate windows user logins via
ldaps:// against the university directory. Don't know if that will
fit your model, but it works for us.
We've used that too, though it has a couple of disadvantages:
- It seems to be only semi-stable. (More often than not when we've
tried it, the Windows machine needs to be rebooted after every logon
session.)
- Last time I tried it, it wouldn't work on Windows 7 (though from
looking at their site, that may be corrected now).
- It requires us to put an alternative logon manager on the system,
which is fine for machines owned by our institute, but many of our
Windows machines are owned by their users, and they may not want pGina
on their systems.
Thanks for the reminder about pGina though -- it at least gives more
options to think about. It's too bad Samba itself doesn't seem to be
able to use UNIX passwords in LDAP to authenticate a user without
resorting to expecting only cleartext passwords from clients.
--
+ Brent A. Busby + The New JFI Computing Web Site:
+ Sr. UNIX Systems Admin + http://jficomputing.uchicago.edu/
+ University of Chicago +
+ Physical Sciences Div. + For problem reports and requests:
+ James Franck Institute + email: [email protected]
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
