new bit of information of interest to this thread, sorta, quoted from my $boss:
"Windows 2003 Server R2 has a new feature called "Identity Management for UNIX," which includes an Active Directory-integrated NIS service. All Red Hat boxes are preconfigured with the ability to authenticate to NIS, and with minor tweaking, you can get them to auto-create home directories the first time a valid NIS user logs in (similar to how Windows XP boxes create user profiles). R2 also includes an NFS server and client, and a Posix-compatible operating environment (like Cygwin). I wonder if you can install gcc on 2003 R2 and compile and run bash?" That might open some doors for alternatives. I haven't tried this... On 11/2/06, David McDowell <[EMAIL PROTECTED]> wrote:
Is this what you want? http://www.turnpike420.net/linux/Apache_ADS_AuthLDAP.txt David On 11/2/06, Paul G. Szabady <[EMAIL PROTECTED]> wrote: > Greetings, > > Is it at all possible to authenticate users via http/.htaccess using their > Windows AD (native mode) domain accounts without a local user account? I > have made the following changes and it works fine if there's a local user > account. I'm trying to stay away from winbind and don't control our AD > forest, so I'm not sure we can get ldap extensions in the AD. > > If this is not possible with the means I've mentioned, can anyone suggest > any alternatives they've used or seen in use? > > This would mainly be on RHEL3 & RHEL4 boxes, although I have two sun > servers that I need to do something with as well. > > In the /etc/httpd/conf/httpd.conf file I added: > AuthPAM_FallThrough on > AuthPAM_Enabled on > > In the /etc/pam.d/ config files I changed httpd and system-auth to: > > [EMAIL PROTECTED] pam.d]# cat httpd > #%PAM-1.0 > auth required /lib/security/$ISA/pam_env.so > auth sufficient /lib/security/$ISA/pam_krb5.so > auth required /lib/security/$ISA/pam_deny.so > account required /lib/security/$ISA/pam_krb5.so > [EMAIL PROTECTED] pam.d]# > > [EMAIL PROTECTED] pam.d]# cat system-auth > #%PAM-1.0 > # This file is auto-generated. > # User changes will be destroyed the next time authconfig is run. > auth required /lib/security/$ISA/pam_env.so > auth sufficient /lib/security/$ISA/pam_krb5.so > ccache=/tmp/krb5cc_%u > auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok > auth required /lib/security/$ISA/pam_deny.so > > account required /lib/security/$ISA/pam_unix.so > > password required /lib/security/$ISA/pam_cracklib.so retry=3 type= > password sufficient /lib/security/$ISA/pam_unix.so nullok > use_authtok md5 shadow > password required /lib/security/$ISA/pam_deny.so > > session required /lib/security/$ISA/pam_limits.so > session required /lib/security/$ISA/pam_unix.so > [EMAIL PROTECTED] pam.d]# > > Any help would be appreciated! > > -- > Paul > @ Thy Service > > > -- > TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug > TriLUG Organizational FAQ : http://trilug.org/faq/ > TriLUG Member Services FAQ : http://members.trilug.org/services_faq/ >
-- TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug TriLUG Organizational FAQ : http://trilug.org/faq/ TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
