2008/2/12, Buchan Milne email@example.com:
On Monday 11 February 2008 20:12:17 अनुज Anuj Singh wrote:
On Feb 11, 2008 2:28 PM, Razi Garbie firstname.lastname@example.org wrote:
I've spent countless of hours trying to figure out how to sync
with my currently running windows/active directory, however.. i cant
any information on how this is done.
Im currently running windows/AD which authenticates ~20users all
boxes (obviously), however.. all windows users have accounts on the
machines i run and that makes administrative tasks a bit messy, hence
have to make account changes on two different domains.
The ideal setup is to setup setup a OpenLDAP server that is synced
windows active directory, so that my users can authenticate against
linux domain using their windows passwords.
Yes it can be done, in my setup a user can login to linux machine , this user does not exists on linux, beside it exists on windows active directory.
There are a number of well-known solutions to authenticating Unix servers to Active Directory, however, the original question was about synchronisation between OpenLDAP and Active Directory.
There are also other potential solutions for synching passwords from AD to OpenLDAP, but the original question precluded this answer ...
So, maybe the original poster would like to re-pose the question.
(I personally dislike using AD for Unix user account details, as other features of LDAP-aware Unix clients are not available when using AD)
Perhaps i should try to explain my situation a little bit better,
What i want to achive is corss-platform authentication between windows/AD + workstations and linux (debian, centOS and redhat). So i thought it would work to setup a OpenLDAP server on one of the boxes and clients on the other servers, and sync the OpenLDAP with my currently running Windows/AD, ive looked at various solutions on how to authenticate linux machines in Win/AD with winbind etc.
But i didnt really like that, considering i plan to run daemons/services that use ldap for authentication.
I hope i dont confuse things... Bottom line is that i need a solution for cross platform authentication, so my users can authenticate to windows, to their linux shells and daemons running on the linux boxes (all using the same account information)
// Thanks for your help, Razi