Re: [brlug-general] LikeWise - Was: RE: Seen this? Run this?
Yes, that's the whole point behind LikeWise, Centrify, etc. If you can't do that then something was very wrong. It would be like not being able to take a left turn in a new car you just bought.. ;-) --- Puryear IT, LLC - Baton Rouge, LA - http://www.puryear-it.com/ Active Directory Integration : Web & Enterprise Single Sign-On Identity and Access Management : Linux/UNIX technologies Download our free ebook "Best Practices for Linux and UNIX Servers" http://www.puryear-it.com/pubs/linux-unix-best-practices/ From: general-boun...@brlug.net [mailto:general-boun...@brlug.net] On Behalf Of Keith Stokes Sent: Tuesday, January 26, 2010 2:42 PM To: general@brlug.net Subject: Re: [brlug-general] LikeWise - Was: RE: Seen this? Run this? It's been a long time since I looked at it but I seem to remember that I couldn't pull group membership from AD; only username and password. You are saying at this point I should be able to have a www group within my AD, then when logging into my web server I can have the AD-group members modify files owned by www on the web server? On Jan 26, 2010, at 12:27 PM, Dustin Puryear wrote: You should have been able to assign all group perms via AD after you LikeWise. We are a Centrify vendor, and Centrify works in a similar way to LikeWise (although Centrify doesn't require AD schema updates). Do you mean group membership when you say "assign permissions"? Or are you talking about actual file-level permissions? (Which you would set and manage via groups anyway.) --- Puryear IT, LLC - Baton Rouge, LA - http://www.puryear-it.com/ Active Directory Integration : Web & Enterprise Single Sign-On Identity and Access Management : Linux/UNIX technologies Download our free ebook "Best Practices for Linux and UNIX Servers" http://www.puryear-it.com/pubs/linux-unix-best-practices/ -Original Message- From: general-boun...@brlug.net [mailto:general-boun...@brlug.net] On Behalf Of Keith Stokes Sent: Monday, January 25, 2010 6:53 PM To: general@brlug.net Subject: Re: [brlug-general] Seen this? Run this? I played with the free/simple version awhile back and it worked just fine. I still had to assign permissions within Linux but for basic authentication and password sync it works fine. Brad Bendily wrote: Ran across this a few days ago, anyone ever used it? http://www.likewise.com/community/index.php/download/ "Likewise Open integrates Linux, UNIX, and Mac computers in Microsoft Active Directory." Apparently it's not the same as just using a PAM. -- Keith Stokes ___ General mailing list General@brlug.net http://mail.brlug.net/mailman/listinfo/general_brlug.net ___ General mailing list General@brlug.net http://mail.brlug.net/mailman/listinfo/general_brlug.net -- Keith Stokes ___ General mailing list General@brlug.net http://mail.brlug.net/mailman/listinfo/general_brlug.net
Re: [brlug-general] LikeWise - Was: RE: Seen this? Run this?
It's been a long time since I looked at it but I seem to remember that I couldn't pull group membership from AD; only username and password. You are saying at this point I should be able to have a www group within my AD, then when logging into my web server I can have the AD- group members modify files owned by www on the web server? On Jan 26, 2010, at 12:27 PM, Dustin Puryear wrote: You should have been able to assign all group perms via AD after you LikeWise. We are a Centrify vendor, and Centrify works in a similar way to LikeWise (although Centrify doesn't require AD schema updates). Do you mean group membership when you say "assign permissions"? Or are you talking about actual file-level permissions? (Which you would set and manage via groups anyway.) --- Puryear IT, LLC - Baton Rouge, LA - http://www.puryear-it.com/ Active Directory Integration : Web & Enterprise Single Sign-On Identity and Access Management : Linux/UNIX technologies Download our free ebook "Best Practices for Linux and UNIX Servers" http://www.puryear-it.com/pubs/linux-unix-best-practices/ -Original Message- From: general-boun...@brlug.net [mailto:general-boun...@brlug.net] On Behalf Of Keith Stokes Sent: Monday, January 25, 2010 6:53 PM To: general@brlug.net Subject: Re: [brlug-general] Seen this? Run this? I played with the free/simple version awhile back and it worked just fine. I still had to assign permissions within Linux but for basic authentication and password sync it works fine. Brad Bendily wrote: Ran across this a few days ago, anyone ever used it? http://www.likewise.com/community/index.php/download/ "Likewise Open integrates Linux, UNIX, and Mac computers in Microsoft Active Directory." Apparently it's not the same as just using a PAM. -- Keith Stokes ___ General mailing list General@brlug.net http://mail.brlug.net/mailman/listinfo/general_brlug.net ___ General mailing list General@brlug.net http://mail.brlug.net/mailman/listinfo/general_brlug.net -- Keith Stokes ___ General mailing list General@brlug.net http://mail.brlug.net/mailman/listinfo/general_brlug.net
[brlug-general] LikeWise - Was: RE: Seen this? Run this?
Correct, it's not the same as using PAM. You should consider pam_ldap as a bare bones "let's make it work but that's it" solution. With LikeWise, Centrify, etc., you get a more powerful management layer. For example, with Centrify (and LikeWise may support this), I can set the same person to have different home directory locations based on the UNIX flavor (e.g., Sun, Mac OSX, Red Hat Linux) they are logging into, what group of servers (e.g., lab, accounting) it is, etc. You can't do that with pam_ldap. You just do authn and authz with pam_ldap. Also, at least with Centrify, you can support AD GPO's on Linux, UNIX, and Macs. --- Puryear IT, LLC - Baton Rouge, LA - http://www.puryear-it.com/ Active Directory Integration : Web & Enterprise Single Sign-On Identity and Access Management : Linux/UNIX technologies Download our free ebook "Best Practices for Linux and UNIX Servers" http://www.puryear-it.com/pubs/linux-unix-best-practices/ -Original Message- From: general-boun...@brlug.net [mailto:general-boun...@brlug.net] On Behalf Of Brad Bendily Sent: Monday, January 25, 2010 1:18 PM To: general@brlug.net Subject: [brlug-general] Seen this? Run this? Ran across this a few days ago, anyone ever used it? http://www.likewise.com/community/index.php/download/ "Likewise Open integrates Linux, UNIX, and Mac computers in Microsoft Active Directory." Apparently it's not the same as just using a PAM. -- Have Mercy & Say Yeah ___ General mailing list General@brlug.net http://mail.brlug.net/mailman/listinfo/general_brlug.net ___ General mailing list General@brlug.net http://mail.brlug.net/mailman/listinfo/general_brlug.net
[brlug-general] LikeWise - Was: RE: Seen this? Run this?
You should have been able to assign all group perms via AD after you LikeWise. We are a Centrify vendor, and Centrify works in a similar way to LikeWise (although Centrify doesn't require AD schema updates). Do you mean group membership when you say "assign permissions"? Or are you talking about actual file-level permissions? (Which you would set and manage via groups anyway.) --- Puryear IT, LLC - Baton Rouge, LA - http://www.puryear-it.com/ Active Directory Integration : Web & Enterprise Single Sign-On Identity and Access Management : Linux/UNIX technologies Download our free ebook "Best Practices for Linux and UNIX Servers" http://www.puryear-it.com/pubs/linux-unix-best-practices/ -Original Message- From: general-boun...@brlug.net [mailto:general-boun...@brlug.net] On Behalf Of Keith Stokes Sent: Monday, January 25, 2010 6:53 PM To: general@brlug.net Subject: Re: [brlug-general] Seen this? Run this? I played with the free/simple version awhile back and it worked just fine. I still had to assign permissions within Linux but for basic authentication and password sync it works fine. Brad Bendily wrote: > Ran across this a few days ago, anyone ever used it? > > http://www.likewise.com/community/index.php/download/ > > "Likewise Open integrates Linux, UNIX, and Mac computers in Microsoft > Active Directory." > > Apparently it's not the same as just using a PAM. > > -- Keith Stokes ___ General mailing list General@brlug.net http://mail.brlug.net/mailman/listinfo/general_brlug.net ___ General mailing list General@brlug.net http://mail.brlug.net/mailman/listinfo/general_brlug.net