Technical Analysis: Active Directory and Linux Identity Management - Port 25: The Open Source Community at Microsoft

Port 25 - Communications from the open source community at Microsoft
< Back to Blogs
Technical Analysis: Active Directory and Linux Identity Management by jcannon on December 11, 2007 04:22PM


Abstract: This paper is written for a somewhat technical audience and covers how the identity management expectations differ between the Windows Server platform and Linux - and how Windows Server can be used to manage both. This paper assume that the reader is familiar with general Windows administration tasks, such as user management.

Note: This paper represents testing and documentation in a lab environment. User Account Control (UAC) is an essential security component to Windows and Microsoft does not recommend turning off UAC in production environments.

Attachment: ADandLinuxIdentityMgmt.pdf
Comments RSS
  1. » Using Windows for Linux Identity Management said:

    PingBack from http://www.iqubed.biz/blog/2007/12/16/using-windows-for-linux-identity-management/

    posted at 01:58PM 12/16/2007
  2. Porte25: Open Source et Interop @ Microsoft said:

    Depuis mes derniers articles, il y a près d’un mois sous forme d’une « revue de presse » des deux principaux

    posted at 11:44AM 12/21/2007
  3. angelos said:

    I am using Active Directory in Vivodi Telecom so that I can  have a hand made single sign on solution for most of my  Unix hosts (winbind rocks ) and even for apache based applications.

    For Example on a RHEL4 with apache 2.0.52 you can do the following

    <Directory "/var/www">

           AuthType Basic

           AuthName "Restricted Access (windows password)"

           AuthLDAPEnabled on

           AuthLDAPAuthoritative on

           AuthLDAPURL ldap://ADserver:389/ou=Organization,dc=domain,dc=net?sAMAccountName?sub?(&(objectclass=user)(memberof=CN=SG-webapp,OU=Groups,OU=Organization,DC=domain,DC=net))

           AuthLDAPBindDN readonly@domain.net

           AuthLDAPBindPassword ......

           require valid-user

    </Directory>

    The memmberof filter defines an AD security group that is allowed to log in

    posted at 05:50AM 04/10/2008
Post a Comment
*
*  

Server Center

Search
About jcannon

jcannon My first interaction with computers was in... More...

Read jcannon's Posts Subscribe tojcannon's Posts
Recent Posts by jcannon
 
Archive