Re: Anyone using Active Driectory auth with Centos 5.4.....?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

If you are using AD for JUST authentication and not user information, you can use the PAM Kerberos stuff. We've been using it for a couple of years from both CentOS/RHEL 4 and 5 systems with good results. It was actually pretty easy to do (once we figured out which type of chicken bones to burn). 

You can use authconfig to turn it all on:

authconfig --enablekrb5 --krb5realm {AD domain name} \
    --enbablekrb5kdcdns --enablekrb5realmdns --update
This will use DNS to locate the domain controller and KDC for the domain given the AD domain name. You can manually specify the KDC and admin servers too, see the authconfig man page for specific details.
If you want something perhaps more polished, you could look into the Likewise products, which handle the whole shooting match pretty well (http://www.likewise.com/products/likewise_open/). I've played with the Open (free) version and it worked just fine, the Enterprise has more features but I haven't played with it. 

As always, YMMV.
--
Jay Leafey - Memphis, TN
jay.leafey@xxxxxxxxxxxx

<<attachment: smime.p7s>>

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux