Mailinglist Archive: opensuse (3106 mails)
| < Previous | Next > |
Re: [opensuse] AD and OpenSuSE10.2 (Identity Manager for Unix)
- From: Verner Kjærsgaard <vk@xxxxxxxxxxxxx>
- Date: Mon, 26 Feb 2007 12:28:28 +0100
- Message-id: <200702261228.29027.vk@xxxxxxxxxxxxx>
Torsdag 15 februar 2007 14:32 skrev Verner Kjærsgaard:
[... lots of cut away... see thread...]
Hi list and Moby,
- I promissed to let the list and Moby know when/if I got this working.
I did :-)
I don't use any Kerberos stuff at all.
I setup the Win2003 DNS server to know of itself and the other boxes
(including the Linux ones) in the network.
I define the Linux boxes as normal, not pre-win2000 boxes in AD.
I tell AD about the (Linux) box in the network as said.
I tell AD about my (Linux) users, I do not specify anything special at all.
Linux:
I use SuSE10.2 with winbind installed.
I tell the Linux box to use the DNS of the windows machine as its first DNS
choice. I check that I can ping the windows machine using its name - which is
NOT in /etc/hosts. I.e., it's looked up in the win-DNS.
I use YaST/User Management/advanced. I elect to use SMB verification, and I
make the Linux box a member of the domain. Meaning in YaST network section, I
beforehand named the Linux box and declared it to belong to the correct
domain and all.
Once the machine is a legal member of the AD-domain and is set to use
SMB-authentication for its users, I reboot. Just this once.
Then when the blue login screen appears, a choice as to domain is given: local
or "WIN2003". I select the latter. I now use a loginname that exists in the
AD, but DOES NOT EXIST IN THE LINUX BOX. This causes
a /home/WIN2003/users-home-dir to be created. All is good and normal.
Summa:
The linux box is now dependent on users to exist in the central AD. As wanted.
To the list and Moby;
- thank you for your help in this matter!
--
-------------------------------------------------------------------------
Med venlig hilsen/Best regards
Verner Kjærsgaard
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx
[... lots of cut away... see thread...]
Hi list and Moby,
- I promissed to let the list and Moby know when/if I got this working.
I did :-)
I don't use any Kerberos stuff at all.
I setup the Win2003 DNS server to know of itself and the other boxes
(including the Linux ones) in the network.
I define the Linux boxes as normal, not pre-win2000 boxes in AD.
I tell AD about the (Linux) box in the network as said.
I tell AD about my (Linux) users, I do not specify anything special at all.
Linux:
I use SuSE10.2 with winbind installed.
I tell the Linux box to use the DNS of the windows machine as its first DNS
choice. I check that I can ping the windows machine using its name - which is
NOT in /etc/hosts. I.e., it's looked up in the win-DNS.
I use YaST/User Management/advanced. I elect to use SMB verification, and I
make the Linux box a member of the domain. Meaning in YaST network section, I
beforehand named the Linux box and declared it to belong to the correct
domain and all.
Once the machine is a legal member of the AD-domain and is set to use
SMB-authentication for its users, I reboot. Just this once.
Then when the blue login screen appears, a choice as to domain is given: local
or "WIN2003". I select the latter. I now use a loginname that exists in the
AD, but DOES NOT EXIST IN THE LINUX BOX. This causes
a /home/WIN2003/users-home-dir to be created. All is good and normal.
Summa:
The linux box is now dependent on users to exist in the central AD. As wanted.
To the list and Moby;
- thank you for your help in this matter!
--
-------------------------------------------------------------------------
Med venlig hilsen/Best regards
Verner Kjærsgaard
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx
| < Previous | Next > |