Can someone explain what's required to join a linux computer to the windows domain and what the benefits would be? Rick B.
Rick Bilonick wrote:> Can someone explain what's required to join a linux computer to the > windows domain and what the benefits would be? > > Rick B. > >How: use pam_winbind (see the howtos on the samba.org site) Why: single sign-on - same account is used on all workstations
On Wed, 2007-01-10 at 07:46 -0500, Rick Bilonick wrote:> Can someone explain what's required to join a linux computer to the > windows domain and what the benefits would be?A major benefit I've found to joining Linux workstations to an Active Directory (Windows 2000/2003) Domain is Kerberos support. Not only does this allow SSO between Linux and Windows computers, but SSO for many Linux services such as SSH. Very handy stuff. (This can also be accomplished using a KDC Server on any OS, its not an Active Directory specific feature.) Michael Schurter
On Wed, 2007-01-10 at 19:36 +0100, Leonardo Boselli wrote:> The password database in then in the win2k or on the linux server ?The password database would be the Active Directory (so Windows) server.> does this works also for imap, pop and miscellaneous applications using > pam ??Yep. :) That's the cool part. I just setup a SMTP/POP3/IMAP (Postfix + Dovecot) e-mail server that authenticates via PAM (winbind), so all Active Directory users have e-mail accounts using their AD username (sAMAccount attribute I believe). The only thing missing is that pam_mkhomedir doesn't work when users check e-mail, so you have to manually pre-create home directories for all of your users. I whipped up a quick python script to do that for me. Except for my Python script everything goes through PAM so it doesn't need any LDAP or Kerberos information or capabilities. Michael Schurter