[ale] Mixed environments, central authentication, and central user management?

Lightner, Jeff JLightner at dsservices.com
Thu Oct 30 11:09:44 EDT 2014


I haven’t used it myself but if I were going in this direction I’d probably engage Centrify.    They did presentations at both AUUG and ALE and most of the folks at both those presentations seemed to think it was a good solution.
http://www.centrify.com

Of course that’s a commercial solution but you’re paying for RHEL & Windows anyway.   Their web site shows a TryIt/BuyIt for a 30 day eval.

If not going commercial I’d probably investigate Samba for the Linux side of things.


From: ale-bounces at ale.org [mailto:ale-bounces at ale.org] On Behalf Of James Sumners
Sent: Thursday, October 30, 2014 10:48 AM
To: Atlanta Linux Enthusiasts - Yes! We run Linux!
Subject: [ale] Mixed environments, central authentication, and central user management?

I administer RHEL systems in an environment that is primarily managed by a Windows domain. That is, Active Directory (AD) controls usernames, passwords, and all that jazz. I have my RHEL systems _authenticating_ against AD but that's it. I don't pull user ids, group ids, shells, group memberships, or anything else out of AD. I'm at the point where I want to move in that direction, though. And that's where I'd like some input from the list...

I can work with the AD administrator to get whatever attributes added that I need to make such a scenario work. But I wonder if that's worth it. Would it be better to setup a vanilla LDAP server specifically manage the RHEL users? If I did that, would I be able to pass the authentication along to the AD server but get the details out of the LDAP server? Or should I setup a Kerberos server that communicates with AD in addition to the LDAP server?

What are you guy's experience in this regard? How did you solve this problem?

--
James Sumners
http://james.roomfullofmirrors.com/

"All governments suffer a recurring problem: Power attracts pathological personalities. It is not that power corrupts but that it is magnetic to the corruptible. Such people have a tendency to become drunk on violence, a condition to which they are quickly addicted."

Missionaria Protectiva, Text QIV (decto)
CH:D 59



Athena®, Created for the Cause™

Making a Difference in the Fight Against Breast Cancer

_________________________________________________________

CONFIDENTIALITY NOTICE: This e-mail may contain privileged

or confidential information and is for the sole use of the intended

recipient(s). If you are not the intended recipient, any disclosure,

copying, distribution, or use of the contents of this information

is prohibited and may be unlawful. If you have received this electronic

transmission in error, please reply immediately to the sender that

you have received the message in error, and delete it. Thank you.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.ale.org/pipermail/ale/attachments/20141030/a101e8a0/attachment.html>


More information about the Ale mailing list