IWETHEY v. 0.3.0 | TODO
1,095 registered users | 0 active users | 0 LpH | Statistics
Login | Create New User
IWETHEY Banner

Welcome to IWETHEY!

IWETHEY Home / IWETHEY Board / Linux Forum / Syncing linux with ADS?
Post #5,754
by tjsinclair
8/18/01 12:19:56 PM
Reply
New Syncing linux with ADS?
Here's the plan:

The PHBs are pushing W2K and ADS to 'manage' our campus network and give all of the students logins that work regardless of where they sign in. However, we also have *NIX and Mac machines to support so I'm trying to figure out how to sync them up with our ADS.

Here's my thought: We've got a Sun E250 with OpenLDAP. The *NIX boxes can talk to LDAP. The Macs (once we upgrade to OS X) can sync up Netinfo with LDAP. I'm assuming that ADS can talk to LDAP.

The only data we need to replicate is the ADS user/password info. Is this doable?
Post #5,757
by boxley
8/18/01 1:04:15 PM
Reply
New my understanding is that ADS is ldap with a couple of the
reserved bits being used by ms to make it proprietary to them. Havnt tried it but AD should be able to see ldap but not the other way round.
thanx,
bill
Our bureaucracy and our laws have turned the world into a clean, safe work camp. We are raising a nation of slaves.
Chuck Palahniuk
Post #5,759
by admin
Picture of admin
8/18/01 1:26:26 PM
Reply
New Not necessary
Install Samba on the machines. Make them part of the AD domain (there are instructions that come on the SWAT screen). Use PAM_SMB in the login stuff on linux.

The only manual bit is when you make the Linux box part of the AD domain; they have to be added manually through Server Manager to get the encrypted system password.
Regards,

-scott anderson
Post #5,931
by tjsinclair
8/19/01 11:54:12 PM
Reply
New So in other words
The *NIX machines pretend to be Windows clients?
Post #5,968
by admin
Picture of admin
8/20/01 10:24:32 AM
Reply
New Yep.
There's a [link|http://us4.samba.org/samba/docs/Samba-HOWTO-Collection.html|FAQ] at samba.org about it.
Regards,

-scott anderson
Post #6,050
by tjsinclair
8/21/01 10:23:03 AM
Reply
New So there's no way to get a non-MS LDAP service to sync
with ADS?
Post #6,064
by admin
Picture of admin
8/21/01 11:49:39 AM
Reply
New Dunno; never tried.
Regards,

-scott anderson
Post #6,189
by tjsinclair
8/21/01 10:17:37 PM
Reply
New I'll let you know
My thought was for the different platforms to authenticate to their respective directory services and for the services to sync up login/password stuff.

But you don't know until you try. In any case, I can certainly fall back on your suggestion. Thanks for the quick response and the link!
     Syncing linux with ADS? - (tjsinclair) - (7) - Aug. 18, 2001, 12:19:56 PM EDT
         my understanding is that ADS is ldap with a couple of the - (boxley) - Aug. 18, 2001, 01:04:15 PM EDT
         Not necessary - (admin) - (5) - Aug. 18, 2001, 01:26:26 PM EDT
             So in other words - (tjsinclair) - (4) - Aug. 19, 2001, 11:54:12 PM EDT
                 Yep. - (admin) - (3) - Aug. 20, 2001, 10:24:32 AM EDT
                     So there's no way to get a non-MS LDAP service to sync - (tjsinclair) - (2) - Aug. 21, 2001, 10:23:03 AM EDT
                         Dunno; never tried. -NT - (admin) - (1) - Aug. 21, 2001, 11:49:39 AM EDT
                             I'll let you know - (tjsinclair) - Aug. 21, 2001, 10:17:37 PM EDT

Sheer, unadultered, industrial-strength tinfoil-helmet alien-lizard-people drivel of the first degree.
50 ms