Jump to navigation
Brought to you by
This not the simplest of configurations to do... However, I would like to hear from someone who has successfully accomplished this...
I need single sign on from the domain for the RHEL workstations...
This isn't really too hard to do.
If you want single sign on you will need a mix of kerberos and ldap.
Extend the Active Directory with "MS Services for Unix", this will add the needed entries for unix password/group.
First of all I usually run authconfig to configure PAM, this is a little harded to do manually.
Next you need to configure the nss mappings, binddn, bindpw, uri in /etc/ldap.conf.
You need to install the CA certificate into /etc/pki/tls/certs/ca-bundle.crt, I just paste it at the bottom.
You need to configure your /etc/krb5.conf according to your AD settings.
Useful tools for debugging, getent, kinit, "nscd -i".
I'm not quite sure if this is all but you have inspired me to write a howto on this..
Well I am afraid your query is not very clear. Its always good to put detailed queries. However may be you are looking for something like this :
let me know.
forgot to mention . Another way is using winbind and kerberos.
This should work too. kbase.redhat.com is a nice place to check :) .
You could also try the open source project likewise-open.
Likewise is an application that is downstream off Samba and Winbind that makes a Linux machine behave as a windows machine, when it comes to connecting it to a Windows AD.
Check it out here
We have used both Likewise and also the way the other guys mentioned in our environment and are moving to having all our servers running likewise AD intergration.