<quote who="Daniel Bush"> > Has anyone used Active Directory for authentication/login on their linux > boxes? Any thoughts and opinions on this vs having a separate ldap server?
Not a lot of point duplicating the functionality or maintenance headaches, IMHO. It's relatively easy to set up AD authentication for Linux, but as is often the case, you have numerous ways to achieve your goal (ugh). You could try: * pam/nss_ldap/kerberos directly (bit challenging, sometimes brittle) * winbind (much easier, but acknowledges AD's centrality in your network architecture... sometimes that's entirely fine though) * Likewise Open (Open Source product intro to beefier "enterprise" stuff, seems to be nice to use, encouraged in Ubuntu land if that matters to you, but I haven't delved into it enough to know if one should be wary of codependency problems!) I'd recommend winbind as a starting point, especially if you just want to start playing around with the possibilities on a few desktop machines or file/print servers. - Jeff -- linux.conf.au 2010: Wellington, NZ http://www.penguinsvisiting.org.nz/ "Laughter is a force for democracy." - John Cleese -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
