Given an existing LDAP server used for authentication, can Windows desktops authenticate users against LDAP or perhaps Kerberos?
Windows – Can Windows integrate with LDAP
authenticationkerberosldapwindows
authenticationkerberosldapwindows
Given an existing LDAP server used for authentication, can Windows desktops authenticate users against LDAP or perhaps Kerberos?
Best Answer
I once tested this succesfully with pGina, but it's not very friendly to setup.
You can also use a SAMBA server acting as an Active Directory provider, with an LDAP backend, but I haven't tested this yet. Here are the two basic steps do:
SAMBA as a PDC
The basic configuration goes like this:
More info on the SAMBA docs.
LDAP
Properly configuring an LDAP server is not something trivial (neither the SAMBA server IMHO), but after you configure one (OpenLDAP, FDS, etc.), here's some good info on how to integrate it with SAMBA. And more specific for RedHat.
I also hear SAMBA 4 will be a complete replacement for Active Directory, but who knows when that will be released.
Anyway, I don't know if this has become easier than when I tried it (about 2 years ago), but I hope so, because I gave up after a few weeks of trial... Maybe it's time to give it another go.
Back then, my personal preference was for FDS because it has a great admin console, and it was easier to set up.
Edit: I just remembered eBox. I haven't tested it because I don't like all-in-one solutions, but take a look at the site if you do (it offers plenty more than a domain controller).