redhat-list Digest, Vol 78, Issue 6
Joshua McClintock
jmcclintock at likewise.com
Fri Aug 6 16:33:12 UTC 2010
Likewise will allow you to restrict login based on AD Group Membership.
For 5.3 users, go to /etc/likewise/lsassd.conf and modify
'require-membership-of'. If you're using version 5.4 or 6, you'll need
to use lwregshell to modify the value. Let me know if you need any
help. Once you've modified the value, you'll need to refresh lsassd's
configuration (/opt/likewise/bin/lw-refresh-configuration).
Joshua McClintock
Likewise Community Engineer
Likewise Software, Inc.
Red Hat Certified Engineer (805009758142176)
************************************************************************
*********
Message: 14
Date: Fri, 6 Aug 2010 11:00:46 -0400 (EDT)
From: "Mike Burger" <mburger at bubbanfriends.org>
To: "General Red Hat Linux discussion list" <redhat-list at redhat.com>
Subject: Re: Using Centrify or Likewise for authenticating against AD
Message-ID:
<54abd1dd3d896c0ec5f11d6f3962dc9e.squirrel at www.bubbanfriends.org>
Content-Type: text/plain;charset=iso-8859-1
FWIW, I tried Likewise...my organization wound up just adding Kerberos
to
AD, and using AD as a Kerberos authentication server.
The problem I had with Likewise was that any AD user could log into my
Linux and Unix servers with Likewise enabled...we didn't seem to be able
to restrict them. Using AD auth via Kerberose meant that local
authorization was in play with remote authentication (if the account
doesn't exist on the box, they can not log in...period).
> Thanks for both the replies.
>
> I'm planning on testing Centrify Express in a couple of weeks. Found a
> site
>
http://www.workswithu.com/2010/07/23/active-directory-integration-centri
fy-express-vs-likewise/
> that
> compares Centrify against Likewise, and they both seem like good
> alternatives, but I'm gonna start testing Centrify Express and then
> perhaps
> test Likewise.
>
>
> - Kenneth
>
> On Tue, Aug 3, 2010 at 6:48 PM, Ryan Vong <ryan.vong at centrify.com>
wrote:
>
>> Hi Kenneth,
>>
>> See if this helps http://www.centrify.com/express
>> It's a free tool from Centrify...comes with a mgmt utility that
>> automates
>> the discovery of the servers and installs the necessary bits to join
>> them to
>> AD.
>>
>>
>> Cheers,
>> Ryan
>>
>>
>>
>>
>> --
>> redhat-list mailing list
>> unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
>> https://www.redhat.com/mailman/listinfo/redhat-list
>>
> --
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
>
--
Mike Burger
http://www.bubbanfriends.org
Visit the Dog Pound II BBS
telnet://dogpound2.citadel.org or http://dogpound2.citadel.org
To be notified of updates to the web site, visit:
https://www.bubbanfriends.org/mailman/listinfo/site-update
or send a blank email message to:
site-update-subscribe at bubbanfriends.org
------------------------------
__
redhat-list mailing list
Unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
End of redhat-list Digest, Vol 78, Issue 6
******************************************
More information about the redhat-list
mailing list