2006/8/15, Steve Shockley <[EMAIL PROTECTED]>:
I'm researching setting up a wireless gateway using OpenBSD and authpf.
We've got an existing Active Directory (2003) domain with about 5000
user accounts that I'd like to authenticate against.
LDAP seemed like the obvious choice, but it appears I need to create
local accounts to use login_ldap, and it'd be unwieldy to sync 5000
users. There's also a patch for nsswitch, but I'd rather not use a
custom build if I don't have to.
Kerberos also sounded like a good idea, but if I understand correctly,
the clients would need a Kerberized ssh client, and they'd have to be
able to access the KDC before logging in to the gateway.
LDAP integration seems to be one of the next goals of OpenBSD.
What you can do now is to deploy Services for UNIX (SFU) on your
Windows Server system and activate client NIS compatibilility and then
setup your OpenBSD server for NIS.
Windows Server R2 already has SFU built in. Not sure about the NIS service.
Regards,
--
Eduardo Alvarenga
