Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU

BLU Discuss list archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Win2K or 2K3 Server, AD, passthru Kerberos, LDAP help?

I am preparing to implement either a Windows 2000 or Windows 2003 Server
domain with AD for 1000+ people, and we plan to have separate UNIX-based
Kerberos and LDAP servers.  This is for an MIT independent lab with a very
heterogenious environment, so PAM (pluggable authentication modules) for
the UNIX clients will not be friendly options.  I'm part of the system

I presume this task has been done in this type of setting, and I'd love to
hear feedback from any/all on links, case studies, contact people, etc.

The goal will be to set up the Win Server with AD, have Windows clients
join as workstations.  Then, with accounts and security being shared
between the LDAP and Kerberos servers, allow users to log into any
workstation of choice (or multiple workstations), do whatever they want -
(change passwords, work on research, etc), and have all authentication
to/from the Windows clients simply pass through the domain controller, so
we don't have to deal with two Kerberos and LDAP environments (one being
the independent servers, the other being the domain controller).

The ultimate goal will be the ability of users to log into UNIX and
Windows workstations alike with the same credentials, and all
authentication pointing singly at the LDAP and Kerberos servers only.

Thanks for ANY leads.  I've got some URLs, but I want as much info as
possible, for I'm the key implementor of this for the Microsoft-side :-|


BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!

Boston Linux & Unix /