2010/3/5 Dumbo Q <dumboq@xxxxxxxxx>: > I'm linux guy, and if it were up to me windows would not be in my server > environment. However I am in a mixed environment where All windows servers > use AD for authentication, and linux servers have no authentication setup. > > My first thought is to use rhds or 389 to sync with AD. After stewing on > this for a little bit, I wonder is there any benefit that I will be gaining > by doing this. > > Does anyone have experience and can say why I should do this rather then > just authenticate to AD? Again I'd prefer linux, but I prefer not > over-complicating core infrastructure more. I suppose it depends on your AD server. If they can add the appropriate schemas to seamlessly integrate your systems, and there are no issues with appropriate authorization and duties, then there is a case for authenticating directly to AD. An upside if you have a lot of end users is that your support infrastructure might not have to deal with password resets and account creation/modification. On the other hand, if the Linux servers are critical to the business, you can make a case that if the AD domain goes down, a proxy Linux LDAP can ensure that at least the Linux systems have no outage (with appropriate caching, etc.). You also maintain a bit more control over the auth setup. -- 389 users mailing list 389-users@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/389-users
