[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: pam/nss ldap authentication against ms exchange 5.5
On Thu, Feb 21, 2002 at 02:25:26PM +0100, Andrej Radonic wrote:
% we want to establish ldap authentication for linux redhat 7.2 machines
% against an existing exchange 5.5 (ldap) server.
%
% while I have seen from different posts that querying using basic ldap
% clients like ldapsearch does work I have doubts whether the task of
% actually authenticating linux users on this basis can be done "out of
% the box".
%
% as far as I know exchange does not store user passwords in its ldap db.
% rather it relies on the underlying win nt accounts.
I think the big problem you'll run into is that Exchange/Active Directory
doesn't store UID/GID information for users. I'm not sure how you'd go about
getting a valid UID/GID pair for your users who are logging into your Linux
machines.
One alternative might be to use pam_ldap to do user *authentication*, but
have local "accounts" in /etc/passwd in order to obtain UID/GID/home
directory information.
john
--
John Morrissey _o /\ ---- __o
jwm@horde.net _-< \_ / \ ---- < \,
www.horde.net/ __(_)/_(_)________/ \_______(_) /_(_)__