Hi Preetam, Then let me rephrase the question a little...
We have two KDC servers with realm nyu.edu. Lets call them kerb1.nyu.edu and kerb2.nyu.edu my active directory is systems.private I want this active directory authentication to authenticate off of these kerberos servers... Its easy to do in unix and linux, but its killing me to set it up so this windows 2003 r2 AD can authenticate its users off of those kerberos servers. Thanks preetam R wrote: > Hi Ahmad, > > FYI: The Domain Controller itself contains a LDAP > server. > > Thanks, > Preetam > > --- Ahmad Arshad <[EMAIL PROTECTED]> wrote: > > >> Hi, >> >> I am not sure if this is the proper list for this... >> but any help would >> be appreciated... >> >> We are running a Windows 2003 R2 server whose domain >> is used for user >> and workstation authentication for a portion of the >> university >> population. We wanted to tie this domain lets call >> it systems.private >> into the university wide ldap server lets call is >> ldap.nyu.edu which >> stores university wide usernames/passwords etc. >> >> This way users who are part of the domain (remember >> we only want users >> who are part of the domain to have access) would be >> able to login to the >> domain.. using their IDs and passwords provided by >> the university. >> >> I am not sure if this makes any sense... >> >> so to recap >> >> a) User tries to log into the domain with his id and >> password. >> b) The domain controller checks to see if the user >> id is in its database. >> c) if it is, it forwards the credential to the ldap >> server for >> authentication. >> d) if the ldap authenticates, the user is allowed to >> login... >> >> Any help would be greatly appreciated.. >> >> Sincerely, >> >> Ahmad S Arshad >> >> ________________________________________________ >> Kerberos mailing list Kerberos@mit.edu >> https://mailman.mit.edu/mailman/listinfo/kerberos >> >> > > > > > ____________________________________________________________________________________ > We won't tell. Get more on shows you hate to love > (and love to hate): Yahoo! TV's Guilty Pleasures list. > http://tv.yahoo.com/collections/265 > -- Sincerely, Ahmad Arshad -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Systems Administrator Library Information Technology Systems New York University, Division of Libraries 70 Washington Square South, Mezzanine New York, NY 10012-1091 O: (212) 995-3513 F: (212) 995-3548 -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos
