Re: Replace NIS by Active Directory

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On Mar 18, 2011, at 8:31 AM, "MOKRANI Rachid" <rachid.mokrani@xxxxxxxx> wrote:

> Hi,
> 
> I'm looking a wiki or share experience for replace NIS authentication by
> an existing Active directory Server (W2003). The problem is on the
> management of id and gid. 
> 
> How to move 1000 actual NIS users to AD ?
> How to keep the same id and gid for this 1000 users ?
> What's happen with nfs linux server and acess with gid and/id ?  
> Use the same user/password for linux and Windows clients
> authentification?
> 
> 
> We test a solution who work very well. It's Centrify comercial software
> http://www.centrify.com/directcontrol/overview.asp . But we are looking
> a freeware solution. (kerberos ? openldap ? pam ? ...)
> 
> Does someone has already successfully replace NIS by Ad authentification
> with freeware solution ?

Instead of replacing NIS I extended it.

I setup a winbind box that did RID mapping from AD and exported those into NIS maps, sans passwords.

I then setup Kerberos on all boxes to authenticate against AD, samba managed the keytab files.

With this I got auto UID/GID generation, my AD users and groups automatically appear and disappear from the NIS maps and I can use those maps for multiple platforms.

Simple, yet effective.

-Ross

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos


[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux