Slashdot Mirror

← Back to Stories (view on slashdot.org)

Linux+Windows Single Sign-on

Posted by timothy on from the what-a-concept dept.

musichead writes "Bill Boswell (writing for redmondmag.com) has posted an interesting article on configuring Linux clients to utilize a single sign-on and play nicely in a Microsoft Active Directory network. The article focuses on Fedora Core 2 (and the Core 3 beta), but he has examples and instructions for SuSE Linux 9.1 Professional, Mandrake 10.1 and Xandros Desktop 2.5 on his website."

6 of 40 comments (clear)

  1. mit has single sign-on using kerberos by lysander · · Score: 3, Informative

    Not that many sites use kerberos, but mit has had single sign-on with kerberos for quite some time.

    --
    GET YOUR WEAPONS READY! --DR.LIGHT
    1. Re:mit has single sign-on using kerberos by (startx) · · Score: 2, Informative

      UMR has also had SSO with kerberos for a long time now.

    2. Re:mit has single sign-on using kerberos by Short+Circuit · · Score: 2, Informative

      Grand Rapids Community College has nearly all of their services (including the Linux classes' box) use Novell for authentication.

      --
      tasks(723) drafts(105) languages(484) examples(29106)
  2. Re:Odd seeing this come from Redmond... by Glamdrlng · · Score: 3, Informative
    I wonder why the various Linux Vendors have not had some kind of setting during install to allow authentication to an Active Directory.
    I haven't made use of it yet, but during install Suse9.2 gives you the option of pointing the authentication piece to active directory.
    --

    Yes, my only tool is a hammer. And you're starting to look like a nail.
  3. Just tried this out. by Godeke · · Score: 2, Informative

    Having for a long time intended to link my Linux box to my home LAN's AD, this was just the ticket to try it. Overall things went well, although the instructions completely skip over the actual configuration of the krb5.conf file.

    In particular, this is a huge oversite because things don't work as expected. After some googling I discovered that you must specify the domain as MYDOMAIN.LOCAL, all caps. This must be done in several places, otherwise it throws cryptic errors.

    With that one proviso in place, I would say the rest of the instructions were sufficient for me to figure it out in 30 minutes. Both directions authenticate properly.

    --
    Sig under construction since 1998.
  4. Further Resources by olyar · · Score: 2, Informative
    FWIW, here's some links to more info on getting this done...

    One is the official HOWTO
    http://us4.samba.org/samba/docs/man/Samba-HOWTO-Co llection/winbind.html

    The other is from the Samba 3 by Example
    http://us4.samba.org/samba/docs/man/Samba-Guide/ke rberos.html

    --
    Custom, hands-free Linux installs. Instalinux