[CentOS] Re: Kerberos and Winbind both needed for Active Directory??

Thu Dec 22 19:21:06 UTC 2005
Les Mikesell <lesmikesell at gmail.com>

On Thu, 2005-12-22 at 13:10, Rex Dieter wrote:

> > Is there a way to configure multiple machines to use AD
> > authentication and get the same uids so NFS mounts will
> > work across all of them?
> 
> man smb.conf, look for "idmap backend".  2 options: idmap_ad or idmap_rid.
> 
> Unfortunately, stock redhat/fedora samba doesn't include those 2 
> optional modules (not until recently in development anyway):
> http://bugzilla.redhat.com/bugzilla/156810

Thanks - would it work to use the fedora directory server set
up to sync with AD?  (Seems like a lot of work just for this
effect...).  Or maybe just add windows services for unix on
the AD servers and use NIS on the Linux boxes instead?  I'd
think this would be a common problem these days.  Up till
now I've been creating the accounts manually but using smb
authentication against a PDC to avoid dealing with passwords
but the windows side of the house is just completing a move
to AD.

-- 
  Les Mikesell
   lesmikesell at gmail.com