Re: Remote auth against Active Directory

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



----- Original Message -----
| I've got a new CentOS 7 server going into a remote location.  I have
| local servers that authenticate against Active Directory (2012 if it
| matters) using winbindd.  I'd like to have some method of using AD on
| the remote server, but I need to be able to access it if the network
| path to the AD servers is down.  sssd caching won't do AFAIK (since
| that's just a cache that times out).
| 
| This server is going to have out-of-band network access for remote
| management in case of network failure, so having access to it when it
| can't reach AD is its primary purpose.  I'd like to use our existing AD
| setup (rather than manage local users) to make it easier to manage
| users/passwords.
| 
| Is there a relatively simple method to replicate a chunk of the AD
| users/passwords to a remote CentOS server (I don't care about the SSO
| side of things)?  Or is there some other way to solve this problem?
| 
| --
| Chris Adams <linux@xxxxxxxxxxx>

Disconnected operation may require you to have a local authentication service.  For that I would suggest FreeIPA which can become a Tier-1 member of an Active Directory service.

-- 
James A. Peltier
IT Services - Research Computing Group
Simon Fraser University - Burnaby Campus
Phone   : 604-365-6432
Fax     : 778-782-3045
E-Mail  : jpeltier@xxxxxx
Website : http://www.sfu.ca/itservices
Twitter : @sfu_rcg
Powering Engagement Through Technology
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos



[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux