authenticate Linux against active directory with pw policy

  • Shenno
    New Member
    • Sep 2010
    • 59

    authenticate Linux against active directory with pw policy

    I just need yes or no: can I authenticate Linux boxes from a Windows Active Directory DC with password aging and complexity policy applied from Active Directory?

    Thanks in advance.
  • sicarie
    Recognized Expert Specialist
    • Nov 2006
    • 4677

    #2
    Yes, the easiest way to do this is through OpenLDAP and Kerberos. There are several other methods through which to do this, however, including proxying OpenLDAP, or other similar utilities.

    OpenLDAP+Kerberos is probably the one that has the most guides out there.


    • Shenno
      New Member
      • Sep 2010
      • 59

      #3
      Actually, I meant MS Active Directory, not OpenLDAP.

      Also, I have tested the MS AD password policy, and I was shocked it's working on Linux boxes!

      Thanks anyways.


      • sicarie
        Recognized Expert Specialist
        • Nov 2006
        • 4677

        #4
        When working with AD and Linux, I personally have found the easiest method is to duplicate the AD domain in OpenLDAP, and have that work with the Linux hosts. Then the OpenLDAP can sync with AD. That doesn't mean it's the best or only way - just what I've found to be easiest and most documented when I run into issues.

        There are several other ways to do this, and it's great to hear you were able to figure it out! Can you post what method you used to help anyone else who runs into this and doesn't want to use OpenLDAP? (And Windows server version, etc...?)


        • Shenno
          New Member
          • Sep 2010
          • 59

          #5
          Consider the following:

          AD FQDN: master.dc.alone, domain is: dc.alone

          1st, configure the Linux box to use AD as the NTP server (must)

          2nd, use the system-config-authentication command and configure it exactly as in the following image (case sensitive)


          3rd, click Join Domain and provide the domain admin credentials.

          Then you are done :)

          GL.
