[CentOS] Anyone using Active Driectory auth with Centos 5.4.....?
Jay Leafey
jay.leafey at mindless.comWed Feb 10 00:10:06 UTC 2010
- Previous message: [CentOS] Anyone using Active Driectory auth with Centos 5.4.....?
- Next message: [CentOS] Anyone using Active Driectory auth with Centos 5.4.....?
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
If you are using AD for JUST authentication and not user information, you can use the PAM Kerberos stuff. We've been using it for a couple of years from both CentOS/RHEL 4 and 5 systems with good results. It was actually pretty easy to do (once we figured out which type of chicken bones to burn). You can use authconfig to turn it all on: authconfig --enablekrb5 --krb5realm {AD domain name} \ --enbablekrb5kdcdns --enablekrb5realmdns --update This will use DNS to locate the domain controller and KDC for the domain given the AD domain name. You can manually specify the KDC and admin servers too, see the authconfig man page for specific details. If you want something perhaps more polished, you could look into the Likewise products, which handle the whole shooting match pretty well (http://www.likewise.com/products/likewise_open/). I've played with the Open (free) version and it worked just fine, the Enterprise has more features but I haven't played with it. As always, YMMV. -- Jay Leafey - Memphis, TN jay.leafey at mindless.com -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3274 bytes Desc: S/MIME Cryptographic Signature URL: <http://lists.centos.org/pipermail/centos/attachments/20100209/1a96c2d9/attachment-0001.bin>
- Previous message: [CentOS] Anyone using Active Driectory auth with Centos 5.4.....?
- Next message: [CentOS] Anyone using Active Driectory auth with Centos 5.4.....?
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list