Thanks for the response. I've been scheduled to work with our Novell Guru tomorrow. He's suggesting we use a DirXML link between AD and a Windows 2003 server to "fake" the authentication. The ultimate goal, though, is to get it working with eDirectory.
I'll let you know if we figure something out - the Novell fellow is optimistic that we should be able to do this with universal passwords (which we do use and mirror from the real passwords) and LDAP calls. We'll see. Mike On 14/11/2006, at 11:24 AM, David Harrison wrote: > On 11/11/2006, at 1:10 PM, Patricio A. Bruna wrote: > >> You have to look in Novell site. >> maybe start in: >> http://www.novell.com/coolsolutions/appnote/11788.html > > You may run into trouble as you follow this document through as it > assumes you have a Novell Open Enterprize Server in the directory > tree. > The process of adding an OES system to the tree extends the schema > in a number of not clearly documented ways. > If you are not running OES then extending the schema to work with > correctly with Linux User Manager as described is a very difficult > task, I could not get it to work on a vanilla eDirectory install > with all the relevant schema extensions applied (that is the > extensions I could identify through trial and error). > > If you do get Samba/eDirectory authentication working by following > this article without resorting to adding OES to the tree I would > like to hear how. > Considering the power of Samba and Novell's financial interest in > it you would assume getting eDirectory to work with it cleanly > would be a much simpler task than what is described above. Sorry I was mistaken the Novell document I was referring to which references Linux User Manager and OES is this one: http://wiki.novell.com/index.php/OES_as_PDC The document referenced above (http://www.novell.com/coolsolutions/ appnote/11788.html) does not utilise Universal Password or provide any identification functionality above basic user access. This maybe what you are after but personally I would prefer something that did not require users to maintain multiple passwords, integrates with other Windows/Samba servers more closely and provided the smooth administration experience of the iManager LUM plug-in. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
