Configuring RHEL servers to authenticate with Windows Server 2008Active Directory

s u p e r n a u t supernaut at gmx.com
Wed Jan 27 12:39:14 UTC 2010 

I've used this in the past to good effect with RHEL5.3 and W2K3.  I'm sure 
you'll have to make adjustments with W2K8, but it may be a good starting 
point.

http://www.interopsystems.com/downloads/Native_LDAP_native_Kerberos_and_AD_services.pdf



----- Original Message ----- 
From: "Kenneth Holter" <kenneho.ndu at gmail.com>
To: "General Red Hat Linux discussion list" <redhat-list at redhat.com>
Sent: Wednesday, January 27, 2010 7:58 AM
Subject: Re: Configuring RHEL servers to authenticate with Windows Server 
2008Active Directory


> Thanks for your reply.
>
> I would like the account and group information to be maintained in AD.
> Possibly later on we'll implement kerberos too.
>
>
> - Kenneth
>
> On Tue, Jan 26, 2010 at 5:32 PM, Marti, Robert <RJM002 at shsu.edu> wrote:
>
>> If you just care about authentication and not accounts, I'd set up 
>> kerberos
>> auth - much easier.  I have no experience setting up LDAP auth, sorry.
>>
>> Rob Marti
>> ________________________________________
>> From: redhat-list-bounces at redhat.com [redhat-list-bounces at redhat.com] On
>> Behalf Of Kenneth Holter [kenneho.ndu at gmail.com]
>> Sent: Tuesday, January 26, 2010 10:17
>> To: redhat-list at redhat.com
>> Subject: Configuring RHEL servers to authenticate with Windows Server 
>> 2008
>>      Active Directory
>>
>> Hello all.
>>
>>
>> I'd like to set my RHEL 4 and 5 servers up to authenticate with our 
>> Windows
>> server 2008 Active Directory. Using "authconfig --update --enableldap
>> --enableldapauth --ldapserver=ldap.example.com--ldapbasedn=dn=example,dn=com"
>> and adding "binddn" and "bindpw" to the /etc/ldap.conf file, it looks 
>> like
>> the linux box is connecting correctly to the AD server. But running 
>> "getent
>> passwd <some-linux-user-defined-on-AD>" doesn't return any result.
>>
>> I'm suspecting that maybe it's my nss_ldap attribute mappings that are 
>> not
>> correct. I have no attribute mapping defined, since I would think that
>> there
>> would be some default mappings that would work. Are there any default
>> mapping, and in case what are they? Or maybe "authconfig" set up these
>> mappings automatically? Any advice is appreciated.
>>
>> Best regards,
>> Kenneth Holter
>> --
>> redhat-list mailing list
>> unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
>> https://www.redhat.com/mailman/listinfo/redhat-list
>>
>> --
>> redhat-list mailing list
>> unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
>> https://www.redhat.com/mailman/listinfo/redhat-list
>>
> -- 
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
>

More information about the redhat-list mailing list