I just need something for apache auth. I have winbind working just fine for the other stuff...Thanks On 2/9/10, Jay Leafey <jay.leafey at mindless.com> wrote: > If you are using AD for JUST authentication and not user information, > you can use the PAM Kerberos stuff. We've been using it for a couple of > years from both CentOS/RHEL 4 and 5 systems with good results. It was > actually pretty easy to do (once we figured out which type of chicken > bones to burn). > > You can use authconfig to turn it all on: > > authconfig --enablekrb5 --krb5realm {AD domain name} \ > --enbablekrb5kdcdns --enablekrb5realmdns --update > > This will use DNS to locate the domain controller and KDC for the domain > given the AD domain name. You can manually specify the KDC and admin > servers too, see the authconfig man page for specific details. > > If you want something perhaps more polished, you could look into the > Likewise products, which handle the whole shooting match pretty well > (http://www.likewise.com/products/likewise_open/). I've played with the > Open (free) version and it worked just fine, the Enterprise has more > features but I haven't played with it. > > As always, YMMV. > -- > Jay Leafey - Memphis, TN > jay.leafey at mindless.com >