Great, thanks, I got it working.

Currently, our Linux users are all members of a POSIX group of the same name (i.e. user "kenneth" is a member of its own group "kenneth", which is the default in Linux as far as I know). Do you know how I can create such groups on AD, instead of adding users to shared groups such as "unixusers"?

On Wed, Jan 27, 2010 at 1:39 PM, s u p e r n a u t <supernaut@xxxxxxx> wrote:

> I've used this in the past to good effect with RHEL5.3 and W2K3. I'm sure
> you'll have to make adjustments with W2K8, but it may be a good starting
> point.
>
> http://www.interopsystems.com/downloads/Native_LDAP_native_Kerberos_and_AD_services.pdf
>
> ----- Original Message -----
> From: "Kenneth Holter" <kenneho.ndu@xxxxxxxxx>
> To: "General Red Hat Linux discussion list" <redhat-list@xxxxxxxxxx>
> Sent: Wednesday, January 27, 2010 7:58 AM
> Subject: Re: Configuring RHEL servers to authenticate with Windows Server
> 2008 Active Directory
>
>> Thanks for your reply.
>>
>> I would like the account and group information to be maintained in AD.
>> Possibly later on we'll implement kerberos too.
>>
>> - Kenneth
>>
>> On Tue, Jan 26, 2010 at 5:32 PM, Marti, Robert <RJM002@xxxxxxxx> wrote:
>>
>>> If you just care about authentication and not accounts, I'd set up
>>> kerberos auth - much easier. I have no experience setting up LDAP
>>> auth, sorry.
>>>
>>> Rob Marti
>>> ________________________________________
>>> From: redhat-list-bounces@xxxxxxxxxx [redhat-list-bounces@xxxxxxxxxx]
>>> On Behalf Of Kenneth Holter [kenneho.ndu@xxxxxxxxx]
>>> Sent: Tuesday, January 26, 2010 10:17
>>> To: redhat-list@xxxxxxxxxx
>>> Subject: Configuring RHEL servers to authenticate with Windows Server
>>> 2008 Active Directory
>>>
>>> Hello all.
>>>
>>> I'd like to set my RHEL 4 and 5 servers up to authenticate with our
>>> Windows server 2008 Active Directory.
>>> Using "authconfig --update --enableldap --enableldapauth
>>> --ldapserver=ldap.example.com --ldapbasedn=dn=example,dn=com"
>>> and adding "binddn" and "bindpw" to the /etc/ldap.conf file, it looks
>>> like the linux box is connecting correctly to the AD server. But
>>> running "getent passwd <some-linux-user-defined-on-AD>" doesn't
>>> return any result.
>>>
>>> I'm suspecting that maybe it's my nss_ldap attribute mappings that
>>> are not correct. I have no attribute mapping defined, since I would
>>> think that there would be some default mappings that would work. Are
>>> there any default mappings, and if so, what are they? Or maybe
>>> "authconfig" sets up these mappings automatically? Any advice is
>>> appreciated.
>>>
>>> Best regards,
>>> Kenneth Holter
>>> --
>>> redhat-list mailing list
>>> unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
>>> https://www.redhat.com/mailman/listinfo/redhat-list