On Mon, Nov 03, 2003 at 09:07:16PM +0000, Ken Gilmour wrote:
| Hi there,
|
| We have a Windows Domain network using Active Directory and it is
| very handy how we setup one account on one server and all the rest
| of the computers logon to the domain, however, because I despise
| almost everything else about windows environments I'm wondering if
| it would be possible to setup all of the PCs with Debian instead and
| with X installed and if they would all be able to logon to the
| windows network in the same way?
I think pam_smb and/or pam_ldap will do what you are looking for.
They are pam modules. A pam module is an implementation of the pam
interface. PAM allows programs to use whatever method of determining
authorization the admin wishes without being recoded or recompiled
specifically for it. pam_ldap looks up accounts in an LDAP backend.
pam_smb (package libpam-smb) uses the SMB protocol to query a windows
server about the credentials (I think).
| This would probably save most companies at least thousands, if not,
| hundreds of thousands!
|
| Anyone know of a way to do that?
I second the suggestion to additionally replace the Windows/AD server
with Debian/OpenLDAP. You can store user account info in the LDAP
database on a debian server and have the debian desktops authenticate
against that (use pam_ldap).
Another option (for transitioning, if that's your goal) is to install
samba on the debian server and configure it to use the (OpenLDAP) LDAP
backend on the debian server for account info. Then the Windows
desktops can use that as the domain controller.
-D
--
Pleasant words are a honeycomb,
sweet to the soul and healing to the bones.
Proverbs 16:24
www: http://dman13.dyndns.org/~dman/ jabber: dman@dman13.dyndns.org
Attachment:
pgpJB5E5tllA3.pgp
Description: PGP signature