[CentOS] CentOS 5.4 x86_64 authenticating against AD (Server 2008r2)

Sun Feb 7 22:44:43 UTC 2010
Dan Burkland <dburklan at NMDP.ORG>


________________________________________
From: centos-bounces at centos.org [centos-bounces at centos.org] On Behalf Of Jeff [jlar310 at gmail.com]
Sent: Sunday, February 07, 2010 9:20 AM
To: CentOS mailing list
Subject: Re: [CentOS] CentOS 5.4 x86_64 authenticating against AD (Server 2008r2)

On Fri, Feb 5, 2010 at 6:25 PM, Joseph L. Casale
<jcasale at activenetwerx.com> wrote:
>>wbinfo -u & wbinfo -g do indeed work for me; however, getent passwd or getent group returns no AD users or groups. I have winbind entries in nsswitch for both the passwd & group entries. Joseph, I will try a newer RPM from a different repository and see if that resolves my issues. Did my smb.conf look ok?
>
> getent doesn't need to return data for this to work, just wbinfo.
> It's likely the issue I spoke of, aside from the winbind entries
> in smb.conf that allow local logon.
>
> Take my advice:
> yum erase samba == uber happiness
>
> Get ldap working, no interop issues with the old samba version in rhel and
> newer ms servers. Plus you will be using something forward compatible that
> a txt edit could likely fix in the event something drastic changed in the
> schema and search filters for example had to change.

+1

We've been using nss_ldap against AD for years. It's never a problem.

Jeff
_______________________________________________

Version 3.4.5 of Samba did end up resolving the issue I was having and now AD users can log in to the box. I am, however, interested in going the LDAP route, mainly for the forward compatibility reason stated by Jeff. Is there anything special I need to do on the DC for the LDAP authentication to work?

Thanks,

Dan