Am Dienstag, den 30.12.2008, 03:28 +0100 schrieb Leon Towns-von Stauber: > On Dec 29, 2008, at 10:57 AM, Neil Neely wrote: > > > We're looking at integrating our *nix machines with our AD servers and > > are trying to find the "Best" way to do this. In this case I'm > > finding my google-fu isn't working in my favor... there is no shortage > > of information. Every time I think I have a complete grasp of ways > > this can be done I find one more. So there are plenty of resources > > for how to do this using technique X, what I really need is some > > feedback from people who are further along in this evolution that can > > give some perspective on which approach they think is the best. > > > I wouldn't claim it's necessarily the "best", but I've done it with > Samba winbindd. > Why not? It works like a charm for me. It gives you SSO via kerberos. Also service principals work perfectly for me with an easy keytab frontend (net ads keytab). It is free, it is open source. It even supports logon caching (for laptops like Windows does).
For me it was the perfect choice. The only drawback i can think of is the non-syncronized uid, wich for me have nerver been an issue. Chris financial.com AG Munich head office/Hauptsitz München: Maria-Probst-Str. 19 | 80939 München | Germany Frankfurt branch office/Niederlassung Frankfurt: Messeturm | Friedrich-Ebert-Anlage 49 | 60327 Frankfurt | Germany Management board/Vorstand: Dr. Steffen Boehnert (CEO/Vorsitzender) | Dr. Alexis Eisenhofer | Dr. Yann Samson | Matthias Wiederwach Supervisory board/Aufsichtsrat: Dr. Dr. Ernst zur Linden (chairman/Vorsitzender) Register court/Handelsregister: Munich – HRB 128 972 | Sales tax ID number/St.Nr.: DE205 370 553 _______________________________________________ Tech mailing list [email protected] http://lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/
