On 08/28/2013 08:24 PM, Les Mikesell wrote:
> This is a very tiny subset (mostly) of a corporate network where the
> larger things are handled by active directory. But, for various
> non-technical reasons I don't want these machines to have to 'join'
> AD. Kerberos will sort-of work without joining, but doesn't seem
> usable for exporting samba shares - and then anyone added locally
> wouldn't work without the uid matching anyway. Is there a way to set
> up an LDAP server with a few local users but that mostly does a proxy
> to AD? And if I did, would users be able to map their home
> directories as samba shares with the authentication it provides
> without joining AD?

You could install the IdM solution and create a cross realm trust between both domains. Not trivial, but would do what you want to accomplish.

https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Identity_Management_Guide/

You would need cooperation from your AD admins though. That might be a problem in some environments. It is quite a big project, though.

--
groet,
natxo