BTW, unless this has changed, Microsoft "Services for UNIX" (SFU) and its "Identity Management for UNIX" is nothing more than NIS maps (and the related schema added, so it would require a schema change if not already three). If you just want object reference and already use Kerberos for authentication, then that could work as a stop-gap solution until you implement something better (especially if it would not be accepted for compliance, even though you're using Kerberos for authentication).
----- Original Message ---- From: "Bohmer, Andre ten" <[email protected]> Until now we had to manage a few user accounts per Linux server. We create a local account with the same name as the Windows Active directory samAccountName and authenticated via Kerberos. But now we’re on the brink of rolling out large high performance servers with lot's of users which also share storage across different Linux servers. So it would be much easier to grant users access based on AD group membership, but also it's significant to maintain the same uid/guid across all servers. Some googling around show a combination of samba, winbind, ldap, Kerberos and Microsoft Services for Unix, but also RedHat Directory Server which seems to do it's own uid/guid mapping without the need of a AD schema update. Any thoughts on what would suite/works best? _______________________________________________ rhelv5-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/rhelv5-list
