2008/2/12, Buchan Milne bgmilne@staff.telkomsa.net:
On Monday 11 February 2008 20:12:17 अनुज Anuj Singh wrote:
On Feb 11, 2008 2:28 PM, Razi Garbie boneybastard@gmail.com wrote:
Hi everyone,
I've spent countless of hours trying to figure out how to sync
openLDAP
with my currently running windows/active directory, however.. i cant
find
any information on how this is done.
Im currently running windows/AD which authenticates ~20users all
windows
boxes (obviously), however.. all windows users have accounts on the
linux
machines i run and that makes administrative tasks a bit messy, hence
i
have to make account changes on two different domains.
The ideal setup is to setup setup a OpenLDAP server that is synced
with
windows active directory, so that my users can authenticate against
the
linux domain using their windows passwords.
Yes it can be done, in my setup a user can login to linux machine , this user does not exists on linux, beside it exists on windows active directory.
There are a number of well-known solutions to authenticating Unix servers to Active Directory, however, the original question was about synchronisation between OpenLDAP and Active Directory.
There are also other potential solutions for synching passwords from AD to OpenLDAP, but the original question precluded this answer ...
So, maybe the original poster would like to re-pose the question.
(I personally dislike using AD for Unix user account details, as other features of LDAP-aware Unix clients are not available when using AD)
Regards, Buchan
Perhaps i should try to explain my situation a little bit better,
What i want to achive is corss-platform authentication between windows/AD + workstations and linux (debian, centOS and redhat). So i thought it would work to setup a OpenLDAP server on one of the boxes and clients on the other servers, and sync the OpenLDAP with my currently running Windows/AD, ive looked at various solutions on how to authenticate linux machines in Win/AD with winbind etc.
But i didnt really like that, considering i plan to run daemons/services that use ldap for authentication.
I hope i dont confuse things... Bottom line is that i need a solution for cross platform authentication, so my users can authenticate to windows, to their linux shells and daemons running on the linux boxes (all using the same account information)
// Thanks for your help, Razi