Check out the PAM_KRB5 list archives. Someone there reported success in getting Linux to authenticate against ActiveDirectory. http://lists.netexpress.net/pipermail/pam-krb5/ http://lists.netexpress.net/mailman/listinfo/pam-krb5 Cheers, Nico On Tue, Dec 18, 2001 at 07:37:21PM -0000, Mayers, Philip J wrote: > It works fine against AD, provided that: > > a) You have changed your password since the upgrade from NT4 to 2K (if any), > or... > b) Your Kerberos libraries support the RC4 enctypes, which Heimdal does > IIRC, but MIT does not. > > Regards, > Phil > > +------------------------------------------+ > | Phil Mayers | > | Network & Infrastructure Group | > | Information & Communication Technologies | > | Imperial College | > +------------------------------------------+ > > > -----Original Message----- > From: Steve Langasek [mailto:vorlon@netexpress.net] > Sent: 18 December 2001 19:18 > To: pam-list@redhat.com > Subject: Re: Active Directory module? > > > On Tue, Dec 18, 2001 at 06:33:20PM +0000, David Lee wrote: > > This may be an extremely simple question, but then again may not be. > > > Anyone know of a PAM module (ultimately for Solaris at least) that would > > allow authentication against (shudder) a Microsoft W2K Active Directory > > service? Just a pointer (URL etc.) to such a module (open-source > > preferred) would do, so that I can begin to investigate. > > If you're looking just for authentication, then wouldn't a pam_krb5 > module do? There's such a module in the PAM sourceforge repository, but > I don't know if anyone's tried it against an AD domain yet. > > Steve Langasek > postmodern programmer > > > > _______________________________________________ > > Pam-list@redhat.com > https://listman.redhat.com/mailman/listinfo/pam-list -- -DISCLAIMER: an automatically appended disclaimer may follow. By posting- -to a public e-mail mailing list I hereby grant permission to distribute- -and copy this message.- Visit our website at http://www.ubswarburg.com This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. E-mail transmission cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. The sender therefore does not accept liability for any errors or omissions in the contents of this message which arise as a result of e-mail transmission. If verification is required please request a hard-copy version. This message is provided for informational purposes and should not be construed as a solicitation or offer to buy or sell any securities or related financial instruments.
