Throughout the last few weeks I've somewhat raped my soul and went against most things I believe in. Why? I've done a Windows AD implementation to solve a somewhat interesting problem.
I've been working with an organization to help them create a centralized way of having authentication across the border, this include Windows, Linux and OS X servers and clients. Looking at the problem initially I gave it a try to run Samba as a PDC, unfortunately the development hasn't come as far as I hoped so I gave up that idea.
The solution I ended up choosing (which I haven't completely finished yet) is to utilize Windows AD and all that comes with it. As many know AD + Linux has never been a fun thing to deal with until recently as Microsoft decided to implement rfc2307 for Unix attributes. Doing this makes life a lot easier and I managed to put together a working solution in just a few hours, including group definitions!
For now I'm still working on having Samba authenticate with ADS so that shares can be maintained on a Linux-box rather than a Windows server (who wants to run NTFS anyway?) there's still some issues with it but I hope to have it ironed out pretty soon.
Didn't think I would say this but thank you Microsoft for opening up for us Unix-hackers!
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment