Ldap Authentication for Windows Standalone Servers

Tags: active-directory, gina, ldap, local-system, windows-authentication

I have an LDAP server (Novell eDirectory) in my environment which holds the user data. In my environment I have a set of Windows and Linux servers. I need to use this LDAP as the authentication source for both sets of servers.

For Linux I need to achieve this by setting up Linux as an LDAP client and extending the eDirectory schema for Linux users; users are able to log in to the machine and even able to create home directories for the user. But the problem comes with the Windows machines.

For Windows machines I have used Novell GINA, which authenticates the user using LDAP, but it also requires local or domain user credentials to log in to the local system. Then for every user I have to create a local user on every system, which defeats the purpose.

Then I used pGina (another open-source GINA), through which I can authenticate the user using LDAP and it creates a profile for the user. Fine, but it also creates a local user with the LDAP username. If any admin changes the password on the local machine for this user, then the passwords of the LDAP user and the local user will not be in sync.

How can I get the login behaviour of Active Directory, where it authenticates against Active Directory (think of AD as LDAP) and creates a profile for you on the local system but never creates a local user? Can anybody throw some light on this to solve the issue?

Thanks and Regards,

Sunny.

Best Answer

To do what you're looking for in the easiest manner possible, you really want a Windows Domain (as @Joel Coel says in his comment). You don't have to use Windows Server to host the Domain: Samba has worked fine in that role for years now, and Samba can back-end authentication into LDAP.

Using a Windows Domain for this is preferable to any alternatives because you're leveraging a lot of client code Microsoft wrote and tested, rather than using code that re-invents the wheel. You can move to newer versions of Windows using a Domain, versus being tied to code (like pGina) that doesn't work in newer Windows versions.
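As an added illustration of the Samba-backed-by-LDAP setup the answer recommends (example config, not part of the answer or of the Samba project's documentation), here is a minimal smb.conf for an NT4-style Samba domain controller that keeps its accounts in the directory. The workgroup, host names and DNs are assumptions, and the ldapsam backend requires the Samba schema (sambaSamAccount and friends) to have been added to the directory first.

```ini
# Added example: NT4-style Samba domain controller with accounts in LDAP.
# Workgroup, host names and DNs below are assumptions, not values from the page.
[global]
    workgroup = EXAMPLE
    netbios name = SAMBADC
    security = user
    domain logons = yes
    domain master = yes
    local master = yes
    preferred master = yes
    os level = 65

    # Accounts live in the directory, not in Samba's local tdb files.
    # The directory must already carry the Samba schema (sambaSamAccount etc.).
    passdb backend = ldapsam:ldap://ldap.example.internal
    ldap suffix = dc=example,dc=internal
    ldap user suffix = ou=Users
    ldap group suffix = ou=Groups
    ldap machine suffix = ou=Computers
    ldap admin dn = cn=samba-admin,dc=example,dc=internal
    # Protect the bind and password traffic to the directory.
    ldap ssl = start tls

    # Roaming profiles are served by the DC; domain users get a profile
    # directory on the workstation but no account in its local SAM.
    logon path = \\%N\profiles\%U
    logon drive = H:
    logon home = \\%N\%U

[netlogon]
    path = /var/lib/samba/netlogon
    read only = yes

[profiles]
    path = /var/lib/samba/profiles
    read only = no
    create mask = 0600
    directory mask = 0700
```

The password for the ldap admin dn is not kept in smb.conf; it is stored in Samba's secrets store with `smbpasswd -w`, and workstations are then joined to the domain in the usual way rather than given per-user local accounts.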