Will do. I am trying to get remote access or a roaming profile setup for linux clients. I am not trying to get support for any specific applications or services but I will let you know what I come up with if I ever find a solution. Michael James wrote:
On Friday 16 April 2004 03:34, Jason Gerfen wrote:
I have been scouring the net for documentation of setting up a SuSe 9.0 client to use pam_krb5 for authentication and then use pam_ldap to obtain user profile information. (Similar to a roaming profile on Windows environments). I have been using YaSt2 to configure the pam_krb5 and pam_ldap information specific to our environment.
I'm interested in this too, we have a well maintained Active Directory of all CSIRO employees, that I want to query and use.
As of now I can get the user to authenticate successfully against a Windows Kerberos server, however it still needs to have a local account setup in order to authenticate successfully.
Yep same here. Using pam_krb5 by modifying /etc/pam.d/sshd and /etc/krb5.conf
What I wish for is an openLDAP gateway: one that provides the Unix standard schema for accounts, and backends into AD with appropriate overlays and munging.
ie: unix uid numbers are overlaid from an external source, groups are distilled (using a regexp) out of AD groups or other info. home dirs are brewed out of parts, /home/<group>/<username>/
Please keep me posted on how you go, michaelj
-- Jason Gerfen "whoa... you mean this isn't woodshop class?" ~ cereal killer (as in fruit loops) Hackers 1989