
Re: ldap in heterogenous environment



I can confirm that those rumors are true. We are doing just that (including Kerberos) at my place of employment. There is one caveat: your NT passwords must be stored as hashes in LDAP rather than in Kerberos. The Samba PDC authenticates to those rather than to Kerberos in our setup.

--Dave

suffocator@gmx.de wrote:

hi group,

i hope this is the right place for this topic. in short: i'm trying to set
up a rather complex environment using ldap for authorization/authentication
with clients like w2k, aix, solaris and linux using


1) ldap server as _main_ directory service (based on linux/openldap)
2) kerberos server for storing passwords (based on linux/kerberos)
3) w2k ads based on 1) (obviously based on w2k)
4) sudo server for unix users/permissions


|W2K-CLIENT| -> auth -> |ADS| ->
                                 \
                                  -> auth -> |LDAP-SERVER| -> password -> |KERBEROS-SERVER|
|UNIX-CLIENT| -> auth -> -> -> ->/
                                 \ -> permissions -> |SUDO-SERVER|



rumors say that it is possible, but after a long journey through the web i
did not find anything concrete to solve this problem. does anyone have any
experience with ldap in heterogenous environments? is there some kind of
cookbook or howto?
at the moment it seems to become very difficult, especially merging w2k/ads
and ldap...


thanks in advance,

magnus