[CentOS] Logging into Windows 2003 Active Directory

Jeff Larsen jlar310 at gmail.com
Wed Dec 19 15:38:19 UTC 2007


On Dec 18, 2007 1:45 PM, Joseph L. Casale <jcasale at activenetwerx.com> wrote:
> I have been searching the net for directions on rhel and centos 5(1) to log
> in to a windows domain and have found many examples, all different and none
> work for me.

You don't say exactly what you are trying to accomplish, but I'll
chime in with the solution we use. If you simply need to have your
CentOS boxes be aware of AD users and authenticate against AD
passwords, take a look at nss_ldap. There are lots of instructions
available on the net, even some good documents from Microsoft. You can
even restrict access based on OU or Group membership. If you have a
Server 2003 R2 domain, the MS side is ready to go. Otherwise you will
need Services For Unix 3.5 on your DCs.

I find it to be a much cleaner solution than joining Linux boxes to
the domain with Samba if that is not required. Better yet, if I only
need authentication for services that have built-in support for LDAP
such as cyrus-imapd/saslauthd or httpd, I'll use that service's
built-in LDAP authentication against AD and keep the Linux side as a
'black-box'.

The learning curve can be a challenge, but once you get it figured
out, it's pretty slick.

Jeff


