Slashdot Mirror

← Back to Stories (view on slashdot.org)

Linux+Windows Single Sign-on

Posted by timothy on from the what-a-concept dept.

musichead writes "Bill Boswell (writing for redmondmag.com) has posted an interesting article on configuring Linux clients to utilize a single sign-on and play nicely in a Microsoft Active Directory network. The article focuses on Fedora Core 2 (and the Core 3 beta), but he has examples and instructions for SuSE Linux 9.1 Professional, Mandrake 10.1 and Xandros Desktop 2.5 on his website."

2 of 40 comments (clear)

  1. Easier the other way by gregmac · · Score: 2, Interesting

    I've had "single sign-on" for a while now, using Samba as my PDC (originally replaced my NT server about 3 years ago). It wasn't overly difficult to set up, but basically it's running LDAP at the very bottom, and Samba users LDAP as it's database. I can also authenticate from other linux boxes directly against the LDAP server.

    I also integrated a number of web applications into it so they authenticate against the LDAP server as well. This isn't always quite as nice - you usually have to type your user/pass in again - but at least it's synchronized with your main account.

    As far as end-users are concerned, the result is the same. None of my end-users know any difference between running on this or a Windows server, I don't have any more work to do (things seem to break less than they did with NT .. but I never had stats on this so I can't say for sure) and it's a lot easier to get updates now. And above all, it saves us a lot of money in licencing fees.

    --
    Speak before you think
    1. Re:Easier the other way by Mastoid · · Score: 2, Interesting

      Those are good reasons to set things up that way. I've done the same thing in small offices. I stress "small" offices.

      There are good reasons to do things the other way around. That is, a network of Windows AD servers providing the SSO and Unix clients authenticating against them.

      I run a large distributed network where I rely on Windows capabilities to minimize maintenance on client desktops. Group Policy is at the top of the list here. When Linux can natively subsitute itself for an AD controller instead of an NT PDC, and can enforce policies on the domain, I'll give it another chance as a SSO provider.

      --
      I had an argument...with the person here at the university that teaches OS design. I wonder when I'll learn --Linus