Mailinglist Archive: opensuse-edu (45 mails)
| < Previous | Next > |
Re: [suse-linux-uk-schools] Migration Questions - MS Services for Unix and freenx
- From: Tim Fletcher <tim@xxxxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Sat, 25 Jun 2005 13:13:10 +0000 (UTC)
- Message-id: <1119705209.5267.15.camel@xxxxxxxxxxxxxxxxxxxxxx>
On Mon, 2005-06-13 at 09:37 +0100, Alan Loughlin wrote:
> Hi,
>
> I was looking around for Linux active directory support and found an article
> on ms services for UNIX. Which apparently allows Linux clients to
> authenticate to ad as if it was a nis and nfs server.
We actually use services for unix (SFU) at present, we have the same
usernames on both Active Directory and Linux (via NIS). This works
fairly well for us and we use SFU to sync the passwords from Active
Directory to our main NIS server. There are a couple of caveats to this:
1. As far as I know there is no support for group policy style
restrictions on unix boxes
2. Don't bother trying to run the unix side of NIS or SFU on a 64bit
machine (ie AMD64) as this just doesn't work (from bitter experience),
but it does work fine on 32 bit machines.
We do have some moderately complex user creation scripts to make users
on Active Directory (via LDAP) and on Linux at the same time that I can
strip the passwords out of and share if people are interested.
We however are looking at a different way of doing this based on the new
Fedora Directory Server that was released a couple of weeks ago. This is
a full LDAP directory server including management tools. More
importantly has tools to allow a 2 way sync with with Windows Active
Directory server. While we haven't got much further than the looking at
this stages it looks like a least an option to be considered. If the
looking at it pans out we might well be rolling out at least a test
version of this for September and maybe even a live one.
Further information about this can be found here:
http://directory.fedora.redhat.com/wiki/Main_Page
--
Tim Fletcher
Learning Technologies Manager - Parrs Wood High School
tim@xxxxxxxxxxxxxxxxxxxxxxxxxxx
Tel: 0161 445 8786
Tim Fletcher
C/O Parrs Wood High School
Wilmslow Road
Manchester
M20 5PG
> Hi,
>
> I was looking around for Linux active directory support and found an article
> on ms services for UNIX. Which apparently allows Linux clients to
> authenticate to ad as if it was a nis and nfs server.
We actually use services for unix (SFU) at present, we have the same
usernames on both Active Directory and Linux (via NIS). This works
fairly well for us and we use SFU to sync the passwords from Active
Directory to our main NIS server. There are a couple of caveats to this:
1. As far as I know there is no support for group policy style
restrictions on unix boxes
2. Don't bother trying to run the unix side of NIS or SFU on a 64bit
machine (ie AMD64) as this just doesn't work (from bitter experience),
but it does work fine on 32 bit machines.
We do have some moderately complex user creation scripts to make users
on Active Directory (via LDAP) and on Linux at the same time that I can
strip the passwords out of and share if people are interested.
We however are looking at a different way of doing this based on the new
Fedora Directory Server that was released a couple of weeks ago. This is
a full LDAP directory server including management tools. More
importantly has tools to allow a 2 way sync with with Windows Active
Directory server. While we haven't got much further than the looking at
this stages it looks like a least an option to be considered. If the
looking at it pans out we might well be rolling out at least a test
version of this for September and maybe even a live one.
Further information about this can be found here:
http://directory.fedora.redhat.com/wiki/Main_Page
--
Tim Fletcher
Learning Technologies Manager - Parrs Wood High School
tim@xxxxxxxxxxxxxxxxxxxxxxxxxxx
Tel: 0161 445 8786
Tim Fletcher
C/O Parrs Wood High School
Wilmslow Road
Manchester
M20 5PG
| < Previous | Next > |