Boston Linux & UNIX was originally founded in 1994 as part of The Boston Computer Society. We meet on the third Wednesday of each month at the Massachusetts Institute of Technology, in Building E51.

BLU Discuss list archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Discuss] AD/LDAP authentication

On 2017-12-13 3:20 pm, Richard Pieri wrote:
> On a completely different topic from document conversion...
> My employer has two Active Directory domains. I need to set up some
> Linux servers (RHEL, SUSE and Ubuntu) to use both domains for user
> authentication. Users get accounts on one or the other, never both. 
> This
> is a mandate from Legal so the easy answer is off the table.
> SSSD and Winbind work for binding to one domain or the other but I 
> can't
> bind to both at the same time (Red Hat promised this in RHEL 7 but have
> yet to deliver). So I figure I can use AD for one domain and LDAP bind
> authentication for the other, or LDAP binds to each domain, but I can't
> either working.
> Yes, I'm doing something wrong. No, I don't know what. And, my 
> Google-Fu
> is only finding single AD or LDAP auth server configurations. Has 
> anyone
> here done anything like this before? Have any references you can point
> me at?
> Thanks.

This might be a pointer in the right direction, or might be a wild goose 
chase.  (And apologies if the latter.)

I did a project a few employers ago to add single-signon capabilities to 
their product, via integration with Active Directory.  It's been a bunch 
of years since the project, so I don't remember a lot.  But IIRC the way 
we did it was to use libcurl in conjunction with GSSAPI (which, IIRC, is 
not compiled into libcurl by default) in order to do the integration.  I 
eventually did get it to work, and the product successfully did SSO 
using the AD system.

Again, not 100% sure if this is the info you're looking for.  If so, and 
if you have additional questions, feel free to respond back on or 
off-list and I can refer back to my notes for more details.



BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!

Boston Linux & Unix /