Scott's Weblog The weblog of an IT pro specializing in virtualization, networking, open source, and cloud computing

Linux-AD Integration Direction

I’ve spent some time over the last few days researching some of the various ways in which to allow users to login to Linux servers using their credentials from Active Directory. Along the way, I’ve found some useful articles; notably, here, here, and here. These are also bookmarked in my del.icio.us bookmark list under the Linux tag.

It looks as if the best solution involves the use of Kerberos for authentication and LDAP for user/group name resolution. As fate would have it, as soon as I decide to use Kerberos, some new security holes are discovered. At least these security holes don’t involve Microsoft’s implementation of Kerberos, but they will affect the Linux Kerberos clients. Hopefully, patches for the affected portions will be released reasonably quickly.

As this project evolves, I’ll continue to post more information here. A final “how to” will likely also be posted on the Mercurion Systems web site as well.

Be social and share this post!