that is great news :) I know the microsoft guide linked in the wiki. It contains a lot of useful information but it has one major drawback.
---snip --- Security Configuration By default, Active Directory on Windows Server 2003 does not permit anonymous operations on the LDAP directory other than rootDSE searches. UNIX and Linux computers must be capable of browsing Active Directory to access UNIX Authentication and Authorization data. This data is required before a user logs in to the system. Therefore, the credentials of a domain user cannot be used to bind to Active Directory for searching. There are two main solutions to this problem: • Configure Active Directory to allow anonymous browsing. • Create a special Windows user account that is authorized to browse the Active Directory and then configure the UNIX and Linux operating systems to authenticate to Active Directory as this user. --- snip --- the first "solution" is unacceptable. The second solution requires a locally stored plaintext password file (ldap.secret). A more desireable solution would be to take the user's kerberos credidentials to access the ldap service on the domain controler. Unfortunately this approach is not covered in the guide as far as I can remember :-/ /R. 2005/11/2, Peter Flodin <[EMAIL PROTECTED]>: > I just recently created the SUSE Interoperability Project (sounds > fancy, but at this point it is a wiki page at > http://www.opensuse.org/SINTEROP), it is not linked to from anywhere > yet. The project goals are to provide tested and documented solutions > for SUSE to interoperate in an IT environment dominated by other > vendors. Initially focused on SUSE Linux 10.0 in a Microsoft > environment. > > Needless to say, anybody and everybody is not just welcomed but > encouraged to contribute, both in terms of howtos but also feedback > from using the information in your environment. > > Peter 'Pflodo' Flodin
