BLU Discuss list archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Discuss] AD/LDAP authentication
- Subject: [Discuss] AD/LDAP authentication
- From: darose at darose.net (David Rosenstrauch)
- Date: Wed, 13 Dec 2017 15:35:10 -0500
- In-reply-to: <9f056614-28a4-c612-8657-e4b83a6b44ec@gmail.com>
- References: <9f056614-28a4-c612-8657-e4b83a6b44ec@gmail.com>
On 2017-12-13 3:20 pm, Richard Pieri wrote: > On a completely different topic from document conversion... > > My employer has two Active Directory domains. I need to set up some > Linux servers (RHEL, SUSE and Ubuntu) to use both domains for user > authentication. Users get accounts on one or the other, never both. > This > is a mandate from Legal so the easy answer is off the table. > > SSSD and Winbind work for binding to one domain or the other but I > can't > bind to both at the same time (Red Hat promised this in RHEL 7 but have > yet to deliver). So I figure I can use AD for one domain and LDAP bind > authentication for the other, or LDAP binds to each domain, but I can't > either working. > > Yes, I'm doing something wrong. No, I don't know what. And, my > Google-Fu > is only finding single AD or LDAP auth server configurations. Has > anyone > here done anything like this before? Have any references you can point > me at? > > Thanks. This might be a pointer in the right direction, or might be a wild goose chase. (And apologies if the latter.) I did a project a few employers ago to add single-signon capabilities to their product, via integration with Active Directory. It's been a bunch of years since the project, so I don't remember a lot. But IIRC the way we did it was to use libcurl in conjunction with GSSAPI (which, IIRC, is not compiled into libcurl by default) in order to do the integration. I eventually did get it to work, and the product successfully did SSO using the AD system. Again, not 100% sure if this is the info you're looking for. If so, and if you have additional questions, feel free to respond back on or off-list and I can refer back to my notes for more details. HTH, DR
- References:
- [Discuss] AD/LDAP authentication
- From: richard.pieri at gmail.com (Richard Pieri)
- [Discuss] AD/LDAP authentication
- Prev by Date: [Discuss] AD/LDAP authentication
- Next by Date: [Discuss] printer issues
- Previous by thread: [Discuss] AD/LDAP authentication
- Next by thread: [Discuss] AD/LDAP authentication
- Index(es):