Chapter 7. Using NT Domains for Linux Authentication

If your existing network uses an NT domain or an Active Directory domain, you may want to tap into your existing domain controller for Linux authentication. For instance, you might want a Linux POP server to use your existing Windows domain accounts. Doing so presents certain challenges, though; the Windows and Linux authentication systems require different types of information, so some information Linux needs isn't available from the domain controller. Fortunately, Samba's Winbind software helps bridge this gap. Winbind links together the domain controller's database and Linux's native authentication system, the Pluggable Authentication Modules (PAM). Using Winbind requires configuring Samba options for Winbind, as well as for PAM and another helper tool, the Name Service Switch (NSS).

Active Directory, introduced with Windows 2000, is the successor to NT domains. AD domain controllers support the older NT domain controller protocols for the sake of backward compatibility, so you can authenticate Linux systems against an AD controller using the methods described in this chapter. You can also authenticate Linux systems against an NT domain controller that runs Samba.

Because Winbind is part of Samba, you should understand the basics of Samba configuration before proceeding, even if you don't want to run the full Samba server suite on the system you're configuring. If you're not already familiar with the basics of Samba, you should read Chapter 3. If you want to have Linux fill the role of the NT domain controller, you should read Chapter 5.

    Linux in a Windows World
    Linux in a Windows World
    ISBN: 0596007582
    EAN: 2147483647
    Year: 2005
    Pages: 152

    Similar book on Amazon © 2008-2017.
    If you may any questions please contact us: