I've used a pam module called pam_smb for this in the past. It has worked quite well
for me. I used it for a Linux mail server on a Windows 2000 domain, but it was
designed for NT domains.
It allows anything that is PAMable on the Linux box to authenticate against the DC,
including sendmail, SSH, telnet, ftp, pretty-much-whatever.
It is a little bit crude, and I don't know that I would trust it 100% in a really
security sensitive environment, but it does work.
You can find it at:
http://www.csn.ul.ie/~airlied/pam_smb/
On Tue, 21 May 2002 16:37:53 -0400
[EMAIL PROTECTED] wrote:
>
> Hi all,
>
> I need to set up a lab environment. Currently there is nothing.
> What I'd *like* to do is set up the environment so that all the
> systems authenticate against a central LDAP or NT PDC server.
>
> The catch is, I don't own the servers I want to authenticate against.
> I'm *hoping* the LDAP server exists, but I'm not sure it does. In
> which case, I'd like to authenticate against an NT PDC.
>
> Does anyone know if you *can* authenticate against an NT PDC using
> Linux? What about with Solaris? Do I need any special access granted
> by the NT PDC to allow hosts to authenticate, such as a domain
> account for each machine ?
>
> The short of it is that I don't want to have to manage user accounts
> if I don't have to :)
>
> Has anyone else done anything like this before?
>
> Thanks!
>
>
> --
>
> Seeya,
> Paul
>
>
>
> *****************************************************************
> To unsubscribe from this list, send mail to [EMAIL PROTECTED]
> with the text 'unsubscribe gnhlug' in the message body.
> *****************************************************************
--
Joseph E. Mainusch
43A East Ridge Road
Merrimack, NH 03054
+1 (603) 560 6317
http://www.mainusch.net/
*****************************************************************
To unsubscribe from this list, send mail to [EMAIL PROTECTED]
with the text 'unsubscribe gnhlug' in the message body.
*****************************************************************
