-
tommi
-
RE: connecting RHEL 5.3 to active directory
-
14 May 09
This isn't really too hard to do.
If you want single sign-on you will need a mix of Kerberos and LDAP.
Extend the Active Directory with "MS Services for Unix"; this will add the needed entries for Unix password/group.
First of all I usually run authconfig to configure PAM; this is a little harder to do manually.
Next you need to configure the nss mappings, binddn, bindpw, uri in /etc/ldap.conf.
You need to install the CA certificate into /etc/pki/tls/certs/ca-bundle.crt, I just paste it at the bottom.
You need to configure your /etc/krb5.conf according to your AD settings.
Useful tools for debugging: getent, kinit, "nscd -i".
I'm not quite sure if this is all, but you have inspired me to write a howto on this.
Good luck!
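
An added example, not part of tommi's post: a small lint for the /etc/ldap.conf step that checks the settings the post names (uri, binddn, bindpw, nss mappings) and that the bind password is not sent unencrypted. The directive names nss_map_attribute, nss_map_objectclass, ssl start_tls and tls_checkpeer are nss_ldap/pam_ldap options assumed here; the hostname, DN and password are constructed.

```shell
#!/bin/sh
# Added example: lint an nss_ldap/pam_ldap style ldap.conf.
# Prints one line per finding; the exit status is the number of findings.

# Print the value of the last uncommented "key value" line for key $2 in file $1.
conf_get() {
    awk -v k="$2" 'tolower($1) == k { $1 = ""; sub(/^[ \t]+/, ""); v = $0 }
                   END { print v }' "$1"
}

check_ldap_conf() {
    f=$1; n=0
    # Settings the post lists for /etc/ldap.conf
    for key in uri binddn bindpw; do
        if [ -z "$(conf_get "$f" "$key")" ]; then
            echo "MISSING: $key"; n=$((n + 1))
        fi
    done
    # NSS mappings: expect at least one nss_map_attribute/nss_map_objectclass line
    if ! grep -Eiq '^[[:space:]]*nss_map_(attribute|objectclass)[[:space:]]' "$f"; then
        echo "MISSING: nss_map_* mappings"; n=$((n + 1))
    fi
    # bindpw is sent on every bind: any ldap:// URI needs "ssl start_tls"
    uri=$(conf_get "$f" uri); ssl=$(conf_get "$f" ssl)
    case " $uri " in
        *" ldap://"*)
            if [ "$ssl" != "start_tls" ]; then
                echo "CLEARTEXT: $uri without ssl start_tls"; n=$((n + 1))
            fi ;;
    esac
    # An installed CA certificate only helps if the server certificate is verified
    if [ "$(conf_get "$f" tls_checkpeer)" = "no" ]; then
        echo "WEAK: tls_checkpeer no"; n=$((n + 1))
    fi
    return "$n"
}

# Constructed sample input (hypothetical host, DN and password)
sample=$(mktemp)
cat > "$sample" <<'EOF'
uri ldap://dc1.example.com/
binddn cn=ldapbind,cn=Users,dc=example,dc=com
bindpw CHANGEME
tls_checkpeer no
EOF
check_ldap_conf "$sample" || echo "findings: $?"
rm -f "$sample"
```

On a real host, pass /etc/ldap.conf as the argument; a clean file produces no output and exit status 0.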