Mailinglist Archive: opensuse (929 mails)

< Previous Next >
Re: [opensuse] AD domain password change
  • From: Roger Oberholtzer <roger@xxxxxx>
  • Date: Fri, 05 Aug 2011 14:29:34 +0200
  • Message-id: <1312547374.32515.142.camel@acme.pacific>
On Fri, 2011-08-05 at 14:18 +0200, Lars Müller wrote:
On Fri, Aug 05, 2011 at 01:30:10PM +0200, Roger Oberholtzer wrote:
[ 8< ]
One example usage: After logging in to AD, can I have access to my home
directory no matter where I am? Obviously I can set this sort of thing
up in Linux with a linux login. But what can be done with an AD login?
Remember that I can log in to a Linux machine via AD without a previous
account on that machine. It is created on-the-fly. How can I get the AD
login to make available the user's home directory as defined in the AD?
I do not know that AD calls it a home directory. But there is usually a
common storage area defined for each user.

pam_mount

But how do I find/specify, in the context of pam_mount, the name of the
place to mount that was stored in the AD info? (Related to mu 'dumb
question' below.)

Another example (veering off thread topic- I think...): Our business as
a whole uses Windows and AD. Except for those in my group who use
openSUSE. The things that I see that are interesting are perhaps not
really related to AD. But, I cannot know that as I do not use AD. For
example, when a Windows user logs in, it is determined (1) which
printers they are authorized to use and (2) their default printer queue
is set to access the one closest to their location. This works
company-wide as one zips about with their laptop. Printouts seem to pop
out of the printer just down the corridor. No matter in which corridor
you find yourself. Is this location service in any way related to AD.

It is. It's done via a mix of LDAP, DNS, and group policy settings.
And here starts the painfull part of the integration. With Samba and
winbind we're only retrieve/ pull the information and store it locally -
in a ini file IIRC. This information needs to get parsed and passed to
the applications. This is the missing link.

Interesting. What INI file?

What I have in mind since quite some time is to identify the top five
settings we like to get and somehow store in a local config file. The
first attempt/ approach doesn't need to be perfect.

I like the sound of that. Here is probably a dumb question: Since I have
been authenticated against the AD, what command on Linux could I type to
see what information is available in the AD? That is, how can I explore
this information? Presumably since one is already authenticated via AD
it should be possible to access it with existing information?


Yours sincerely,

Roger Oberholtzer

OPQ Systems / Ramböll RST

Office: Int +46 10-615 60 20
Mobile: Int +46 70-815 1696
roger.oberholtzer@xxxxxxxxxx
________________________________________

Ramböll Sverige AB
Krukmakargatan 21
P.O. Box 17009
SE-104 62 Stockholm, Sweden
www.rambollrst.se


--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx

< Previous Next >