Pandu Poluan <pa...@poluan.info> 2012-05-11 10:36:
Hello list,I just want to know, what is your recommendation(s) to implement Active Directory authentication on Gentoo?
Attribute data can be stored/retrieved in ldaps (as in AD usually only allows authenticated binds to retrieve data and it requires an ssl connection to do that, other than that it's really just ldap).
Authentication can be done either via ldaps or kerberos, though I personally find the later to be extra complication that's usually unnecessary.
As someone else mentioned, there's a wealth of data out there on how to do this in any number of schemes (eg: libnss-ldap, libpam-ldap, sssd, etc.).
I want to use AD not only for logins, but also for running daemons/services.
I don't see the distinction. Either way it seems you're concerned with authenticating users and doing attribute lookups on them.
*Ideally*, it would also allow me to manage my boxen using GPO, but I can live without that.
I'm not personally aware of anything that does that. If there is, it's probably something like redhat/suse specific.
However, I believe it is possible to use a samba4 host as a domain controller to serve GPs to windows clients.
Cheers, Brian
signature.asc
Description: Digital signature
