Re: Replace NIS by Active Directory

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On Fri, 18 Mar 2011, MOKRANI Rachid wrote:

> Hi,
>
> I'm looking a wiki or share experience for replace NIS authentication by
> an existing Active directory Server (W2003). The problem is on the
> management of id and gid. 
> 
> How to move 1000 actual NIS users to AD ?

Create matching accounts in AD.  This is standard Active Directory stuff,
there really aren't any gotchas I can think of.

> How to keep the same id and gid for this 1000 users ?

Make sure the SFU attributes have the correct values.  You can do all this
through LDAP as far as I know.  Alternatively remap all your UIDs/GIDs and
switch to a RID mapping scheme instead.  You need to think about how you're
planning on working in the future.

> What's happen with nfs linux server and acess with gid and/id ?

It works exactly the same as it does now.

> Use the same user/password for linux and Windows clients
> authentification?

Feel free to use windbind or pam_krb5 for authentication, both easy to setup.
You'll need nss_ldap with pam_krb5, but winbind can do the whole bag.

> Does someone has already successfully replace NIS by Ad authentification
> with freeware solution ?

Probably the easiest it to use winbind, but we use nss_ldap and pam_krb5.
There's plenty of documentation on how to do this out there.

jh
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos


[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux