Re: Have AD authenticate from LDAP/Kerberos server

From: j (j_at_jbfields3.cpom)
Date: 08/11/04 

Date: Wed, 11 Aug 2004 14:54:43 -0700

There is an identity management server product that is intended to sync-up
disparate login systems.

J
"Chris Barnes" <chris-barnes@tamu.edu> wrote in message
news:uXqGfD9fEHA.2984@tk2msftngp13.phx.gbl...
> I hope I don't get crucified here, but I'm going to ask anyway.
>
> I support a "mixed environment" - by that I mean that most of my users
> switch back and forth between Linux and their desktop environment (which
> is about 70% Win, 25% Mac, 5% Linux).
>
> In order to keep things sensible, we have an LDAP3 server (openldap on
> Linux) which acts as the authoratative holder of userids & passwords
> (going to migrate the passwords to Kerberos - also on Linux).
>
> Note that this works beautifully as all of the various servers we have
> talk to the LDAP server w/o problems. Well, except 1.
>
> We have a student lab where the computers are all WinXP machines. I
> would like to have a WinServer running as a DC so that they can logon,
> have roaming profiles, etc. Getting the home directory to point to
> their existing home directory on Linux was easy (samba - just point to
> it).
>
> However, maintaining userids & passwords is a nightmare. Seems that
> Windows wants to keep its own userid/passwords instead of allowing me to
> use those that already exist in the LDAP server (even though AD is
> supposed to be LDAP itself). This means that each person needs 2 sets
> of accounts & passwords - and they can quickly get out of sync (and
> since we're using samba to point to their home directory, you can see
> why this would be a big problem).
>
>
> Is there ANYWAY I can get Windows Server to look elsewhere for it's
> userid/password information?
>
> WinServer2003 Standard ed. btw
>
> --
>
> + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
> Chris Barnes AOL IM: CNBarnes
> chris-barnes@tamu.edu Yahoo IM: chrisnbarnes
> Computer Systems Manager ph: 979-845-7801
> Department of Physics fax: 979-845-2590
> Texas A&M University
>
>

Relevant Pages

  • Re: Conditional Logins on a Domain
    ... > userids for volunteers and Per Diem nurses. ... > passwords in the hands of current and former volunteers and per diems. ... > afford "real" server hardware.... ...
    (microsoft.public.windows.server.active_directory)
  • Have AD authenticate from LDAP/Kerberos server
    ... is about 70% Win, 25% Mac, 5% Linux). ... In order to keep things sensible, we have an LDAP3 server (openldap on ... Linux) which acts as the authoratative holder of userids & passwords ... maintaining userids & passwords is a nightmare. ...
    (microsoft.public.windows.server.active_directory)
  • Re: Project was unable to log you on at this time...
    ... the MSProjectServerUser userids to SQL Server, ...
    (microsoft.public.project.pro_and_server)
  • Re: how to find "step by step" articles to learn windows 2003 AD?
    ... Sites by Using ISA Server in Windows 2000 and Windows 2003" ... Additional Help Files for Windows Server 2003" ... http://support.microsoft.com?kbid=323360 "How to install and configure a DHCP ... http://support.microsoft.com?kbid=323381 "HOW TO Allow Remote Users to Access ...
    (microsoft.public.win2000.advanced_server)
  • Re: Installation Failure - Error Code 0x80244018
    ... You experience problems when you access the Windows Update Version 6 Web site through a server that is running ISA Server ... .101 is pruned out due to potential supersedence ... [CallerId = MicrosoftUpdate] ...
    (microsoft.public.windowsupdate)