Hi, We have few RHEL servers. For the app support team the authentication is based on MS-Active Directory. I had build the boxes using the following line in the kickstart:
authconfig --enableshadow --enablemd5 --enablekrb5 --krb5realm DOMAIN.COM --krb5kdc msadc01.domain.com:88,msadc02.domain.com:88 --krb5adminserver msadc01.domain.com:749 Now I just create the same account on linux servers as is there on active directory. I dont even need to set the password as the authentication happens with MS-Active Directory. Is there a way that we dont even need to create the account on the server. I have tried doing this successfully using samba and winbind, but somehow it was getting too complicated in our configuration (cant remember the exact details now). I only want that if a user is not found on local system then the active directory is checked. The pam_krb5 module needs the account on local box and then authenticates only the password from AD. I want it to go to AD for doing both. And ofcourse the group mapping also has to be done. Regards. -- Ajitabh Pandey http://www.ajitabhpandey.info http://www.unixclinic.net ICQ - 150615062 Registered Linux User - 240748 ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ linux-india-help mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/linux-india-help
