Hello, FYI. To make linux LDAP client working with AD, I had to add posix attributes (uid,gid,uidNumber, etc..) to my AD user. I configured LDAP client using "sssd" on SLES12 and I'm happily authenticating against AD.
Thanks for help, Mariusz pon., 1 kwi 2019 o 16:19 Alan Altmark <alan_altm...@us.ibm.com> napisaĆ(a): > On Monday, 04/01/2019 at 08:21 GMT, "Harder, Pieter" > <pieter.har...@brabantwater.nl> wrote: > > Until 2 years ago our AD was 2003. And that was a really big headache. > And I > > think they dropped the last win2003 servers quite recently. > > Since moving to a more recent AD the win guys have been debating moving > off > > NTLM. But it seems there are some oldish applications that don't talk > Kerberos > > and require NTLM. > > Anyway, it's not my problem. But I thought I would just mention it when > I saw > > your statement, in case anybody else does have NTLM still active. > > To your original question, though, many clients have integrated LDAP-based > clients with AD. As David said, AD is just a variation of LDAP. If all > you need is authentication, then it's supposedly pretty straightforward > (I've never personally done it). > > Ignoring the specific application (ITM), I found this to be helpful in > understanding how LDAP fits into AD: > > https://www.ibm.com/support/knowledgecenter/en/SSTFXA_6.3.0/com.ibm.itm.doc_6.3/adminuse/msad_ldap_beforeyoubegin.htm#msad_ldap_beforeyoubegin__tepuser > . Mostly I was happy because it had screen shots. :-) It may be that AD > administration for LDAP clients is more integrated into the AD admin tools > than is shown. > > Alan Altmark > > Senior Managing z/VM and Linux Consultant > IBM Systems Lab Services > IBM Z Delivery Practice > ibm.com/systems/services/labservices > office: 607.429.3323 > mobile; 607.321.7556 > alan_altm...@us.ibm.com > IBM Endicott > > > ---------------------------------------------------------------------- > For LINUX-390 subscribe / signoff / archive access instructions, > send email to lists...@vm.marist.edu with the message: INFO LINUX-390 or > visit > http://www.marist.edu/htbin/wlvindex?LINUX-390 > ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to lists...@vm.marist.edu with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390