Mailinglist Archive: opensuse (3106 mails)

< Previous Next >
Re: [opensuse] AD and OpenSuSE10.2 (Identity Manager for Unix)
  • From: Moby <moby@xxxxxxxxxxxxxx>
  • Date: Thu, 15 Feb 2007 14:40:11 -0600
  • Message-id: <45D4C52B.3070603@xxxxxxxxxxxxxx>

Verner Kjærsgaard wrote:
Torsdag 15 februar 2007 18:08 skrev Moby:
Verner Kjærsgaard wrote:
Hi list,

- has anyone tried using MS-Win2003R2 AD as authentication/authorisation
for SuSE10.2 users?

if so, is there a how-to somewhere?
I have and it works quite well. Unfortunately, I did not find a single
comprehensive HOW-TO or source of information, but got bits and pieces
from different places and then added some bits of my own. One of these
day (tm), time permitting, I may put together a how-to. In the
meantime, feel free to ask.

- thank you!

In the MS box, I installed the "Identity Manager for Unix" component. I then added a user and filled in some UID, home path and some details. Now, I need MS to allow my Linuxbox to ask for authentication, how?

- second q: in the linux box, would one select NIS or LDAP as authentication mechanism? I would think NIX, but...?

- do I need the MS box to run a DNS server and all in order for this to work?

I am not using the MS "Identity Manager for Unix" components, nor is it really needed. There are no changes to be made on the M$ side.
On the Linux side, install samba, samba-winbind, and krb5-client. Configure /etc/krb5.conf to point to your domain. Configure smb.conf to use winbind and use the idmap RID method. Then edit /etc/nsswitch to use winbind.

To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx

< Previous Next >