samba - Jul 2008 - Linux Authentication Ideas

Hello Everyone, I have been tasked to work on consolidating 
authentication to achieve single sign-on using Active Directory.

We have mix of Linux and Windows Hosts.  All Linux hosts do local 
authentication currently and Windows hosts authenticates Active directory.

I have been thinking of using Samba to authenticate Linux Hosts against 
Active Directory. I am fairly confident of configuring straight Linux to 
AD authentication. But we have 2 Active Directory forests. AD2 is 
trusted by AD1 and all the Linux hosts will be part of AD1.

The idea is to have a AD1 resource and AD2 users. So we will need Linux 
Hosts to authenticate users of both AD1 and AD2.  I am not sure about 
how to map uid/gid and also weather kerboros will be able to 
authenticate both Domains.

If you guys can throw some ideas on how to achieve this, that will be great.

Cheers, LA

Linux Addict wrote:
> Hello Everyone, I have been tasked to work on consolidating 
> authentication to achieve single sign-on using Active Directory.
>
> We have mix of Linux and Windows Hosts.  All Linux hosts do local 
> authentication currently and Windows hosts authenticates Active 
> directory.
>
> I have been thinking of using Samba to authenticate Linux Hosts 
> against Active Directory. I am fairly confident of configuring 
> straight Linux to AD authentication. But we have 2 Active Directory 
> forests. AD2 is trusted by AD1 and all the Linux hosts will be part of 
> AD1.
>
> The idea is to have a AD1 resource and AD2 users. So we will need 
> Linux Hosts to authenticate users of both AD1 and AD2.  I am not sure 
> about how to map uid/gid and also weather kerboros will be able to 
> authenticate both Domains.
>
> If you guys can throw some ideas on how to achieve this, that will be 
> great.
>
> Cheers, LA
>
Pump.. sorry.. I haven't heard from anyone.