[CentOS] Remote auth against Active Directory
James A. Peltier
jpeltier at sfu.ca
Thu Sep 10 23:35:25 UTC 2015
----- Original Message -----
| I've got a new CentOS 7 server going into a remote location. I have
| local servers that authenticate against Active Directory (2012 if it
| matters) using winbindd. I'd like to have some method of using AD on
| the remote server, but I need to be able to access it if the network
| path to the AD servers is down. sssd caching won't do AFAIK (since
| that's just a cache that times out).
|
| This server is going to have out-of-band network access for remote
| management in case of network failure, so having access to it when it
| can't reach AD is its primary purpose. I'd like to use our existing AD
| setup (rather than manage local users) to make it easier to manage
| users/passwords.
|
| Is there a relatively simple method to replicate a chunk of the AD
| users/passwords to a remote CentOS server (I don't care about the SSO
| side of things)? Or is there some other way to solve this problem?
|
| --
| Chris Adams <linux at cmadams.net>
Disconnected operation may require you to have a local authentication service. For that I would suggest FreeIPA which can become a Tier-1 member of an Active Directory service.
--
James A. Peltier
IT Services - Research Computing Group
Simon Fraser University - Burnaby Campus
Phone : 604-365-6432
Fax : 778-782-3045
E-Mail : jpeltier at sfu.ca
Website : http://www.sfu.ca/itservices
Twitter : @sfu_rcg
Powering Engagement Through Technology
More information about the CentOS
mailing list