1

My work environment is mainly Windows and Active Directory. Active Directory has no unix attributes extended. What is the best way to fully integrate a Linux box in that environment? I'd like the AD authentication to work seamlessly with all programs and services.

I've tried this approach a few times before. We have a separate OpenLDAP server for our Linux servers, and I've tried using that as an LDAP backend, but I kept running into too many problems with other services not being able to work correctly. I'm pretty sure I didn't do something right, but I didn't fully understand it. I was using the Samba how-to on samba.org.

I've also tried using IDMAP, which worked but was very slow. I guess ideally I'd like to be able to use LDAP to provide the Linux attributes, but use AD for password auth. Any help there?

Open to other suggestions or hints on how to better do this as well.

churnd
  • 4,237

4 Answers4

2

You probably want to look at Likewise Open.

http://www.likewise.com/products/likewise_open/

It's samba's winbind, but with a whole bunch of tweaks & fixes.

LapTop006
  • 6,526
1

You'll need to upgrade your DC to at least server 2k3 R2 so as to get the unix extensions

You can add your Linux servers to active directory I followed this guide: http://blog.scottlowe.org/2007/01/15/linux-ad-integration-version-4

Which worked quite well. The hardest thing I found was working with the AD attributes but most of the information is on the net.

Shawn B
  • 41
1

I always recommend Likewise Open, it install on the Linux box easily and integrates the Linux Box into the AD Environment. Also, its Free.

Kyle Brandt
  • 85,693
0

My "linux in active directory" search yielded quest.com. We tested this and appeared useful.

JamesR
  • 1,107