Thanks Jeff. Wasn't familiar with winbind. I'll probably be looking at the first 2 options if I go this route. -- Daniel Bush
http://blog.web17.com.au 2009/4/20 Jeff Waugh <j...@perkypants.org> > <quote who="Daniel Bush"> > > > Has anyone used Active Directory for authentication/login on their linux > > boxes? Any thoughts and opinions on this vs having a separate ldap > server? > > Not a lot of point duplicating the functionality or maintenance headaches, > IMHO. It's relatively easy to set up AD authentication for Linux, but as is > often the case, you have numerous ways to achieve your goal (ugh). You > could > try: > > * pam/nss_ldap/kerberos directly (bit challenging, sometimes brittle) > > * winbind (much easier, but acknowledges AD's centrality in your network > architecture... sometimes that's entirely fine though) > > * Likewise Open (Open Source product intro to beefier "enterprise" stuff, > seems to be nice to use, encouraged in Ubuntu land if that matters to > you, but I haven't delved into it enough to know if one should be wary of > codependency problems!) > > I'd recommend winbind as a starting point, especially if you just want to > start playing around with the possibilities on a few desktop machines or > file/print servers. > > - Jeff > > -- > linux.conf.au 2010: Wellington, NZ > http://www.penguinsvisiting.org.nz/ > > "Laughter is a force for democracy." - John Cleese > -- > SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ > Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html > -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html