On Mon, 2005-06-13 at 09:37 +0100, Alan Loughlin wrote:
Hi,
I was looking around for Linux active directory support and found an article on ms services for UNIX. Which apparently allows Linux clients to authenticate to ad as if it was a nis and nfs server.
We actually use services for unix (SFU) at present, we have the same usernames on both Active Directory and Linux (via NIS). This works fairly well for us and we use SFU to sync the passwords from Active Directory to our main NIS server. There are a couple of caveats to this: 1. As far as I know there is no support for group policy style restrictions on unix boxes 2. Don't bother trying to run the unix side of NIS or SFU on a 64bit machine (ie AMD64) as this just doesn't work (from bitter experience), but it does work fine on 32 bit machines. We do have some moderately complex user creation scripts to make users on Active Directory (via LDAP) and on Linux at the same time that I can strip the passwords out of and share if people are interested. We however are looking at a different way of doing this based on the new Fedora Directory Server that was released a couple of weeks ago. This is a full LDAP directory server including management tools. More importantly has tools to allow a 2 way sync with with Windows Active Directory server. While we haven't got much further than the looking at this stages it looks like a least an option to be considered. If the looking at it pans out we might well be rolling out at least a test version of this for September and maybe even a live one. Further information about this can be found here: http://directory.fedora.redhat.com/wiki/Main_Page -- Tim Fletcher Learning Technologies Manager - Parrs Wood High School tim@parrswood.manchester.sch.uk Tel: 0161 445 8786 Tim Fletcher C/O Parrs Wood High School Wilmslow Road Manchester M20 5PG