The Swede in the middle of Silicon Valley

Wednesday, September 16, 2009

Creds to Microsoft

Throughout the last few weeks I've somewhat raped my soul and went against most things I believe in. Why? I've done a Windows AD implementation to solve a somewhat interesting problem.

I've been working with an organization to help them create a centralized way of having authentication across the border, this include Windows, Linux and OS X servers and clients. Looking at the problem initially I gave it a try to run Samba as a PDC, unfortunately the development hasn't come as far as I hoped so I gave up that idea.

The solution I ended up choosing (which I haven't completely finished yet) is to utilize Windows AD and all that comes with it. As many know AD + Linux has never been a fun thing to deal with until recently as Microsoft decided to implement rfc2307 for Unix attributes. Doing this makes life a lot easier and I managed to put together a working solution in just a few hours, including group definitions!

For now I'm still working on having Samba authenticate with ADS so that shares can be maintained on a Linux-box rather than a Windows server (who wants to run NTFS anyway?) there's still some issues with it but I hope to have it ironed out pretty soon.

Didn't think I would say this but thank you Microsoft for opening up for us Unix-hackers!

No comments: