
Re: LDAP and NT authentication



Brian Rankin wrote:
> 
> Hello,
> 
> I'm running OpenLDAP 1.2 on Linux -- it's working great.  I'd like to use it
> as the authentication source for all ldap-aware systems.  Our network uses
> an NT PDC for login authentication, so there are two issues:
> 
> 1. Replicating the NT passwords stored in the PDC to the LDAP server

If you use pwdump from the NT server resource kit then you would get
enough information to generate an LDIF file to transfer the NT user
information to the LDAP server. If you then use the rpcclient from
samba_TNG to contact the NT PDC and do an lsaquery, then you will have
the SID of the existing domain, and then you can use this howto to set up
Samba as PDC with LDAP support:
http://www.unav.es/cti/ldap-smb-howto.html (Remember to exchange the new
SID that Samba creates with the one you got from the NT server, and also
remember that you can't have two PDCs in the same domain, so you have to
take down the NT PDC before you can bring up the Samba PDC in the same NT
domain.)

I've never done this myself. I have only used Samba to serve the NT
domain, so can someone please correct me if any of this isn't correct.

What I can't do is tell you how to use an LDAP server to store
authentication information and have an NT server use it. You could try
Active Directory; I heard this is Microsoft's LDAP server, and I know that
they use it to store user info in Win2000.


Inge