Re: [SAGE] RH directory server or IBM TDS and directory structure in a fairly complex environment

[David Magda <dmagda@xxxxxxxxxxxxx>]

On Jan 15, 2008, at 10:21, Nathan Hruby wrote:

> Here are a few links that may (or may not) be helpful:
> - http://www.quest.com/landing/? 
> ID=1025&AdCode=GoogleAdTextADtoUnixLinuxJava06052007
> - http://blog.scottlowe.org/2006/08/08/linux-active-directory-and- 
> windows-server-2003-r2-revisited/
> - http://gentoo-wiki.com/HOWTO_Active_Directory_with_Samba_and_Winbind

Note that all of these assume that you want single sign-on with  
Kerberos. It might be desirable to simply use AD to look up various  
attributes in a NIS-like directory look up system. In Windows 2003 R2  
and newer, AD started to use more RFC2307-like schemas so things  
match the Unix world a lot more.

Authentication can be done by looking up the password attribute or  
trying an LDAP bind with a DN constructed via the user name and  
password entered (the latter is more recommended I believe).