January 11th, 2002, 12:01 PM
I've set up this red hat linux 7 server and a few nodes at a local computer institute as a favour to the admin there. As the admin isn't really a linux guy, I'm called upon to do even the simplest of tasks like adding users and stuff (as there are about 5 or 6 new users everyday, you can imagine what a pain that is).
What I would like to know, is whether it is possible for me to set up the linux server so that it uses the Win2k advanced server to authenticate. That'll save me a lot of work because accounts are automatically created in the Win2k server for each new student. I've currently set up the linux nodes to use NIS to authenticate users(I've used NIS because security isn't really an issue here because the LAN isn't connected to the internet and the average student is too dumb to use windows 95 let alone hack a red hat linux server).
January 11th, 2002, 01:24 PM
The only method I know for using a linux box to authenticate against an "NT" server is samba. Microsoft so "graciously allowed" authentication to an NT domain through a linux/unix box but only if the linux/unix box is a BDC, not the PDC. You might hit www.samba.org and see what they're at as far as this issue goes. I know it works on NT 4.0 but no idea on Win 2k.
There are a few ways to automate user additions. Let me know if you want some help with it.
We the willing, led by the unknowing, have been doing the impossible for the ungrateful. We have done so much with so little for so long that we are now qualified to do just about anything with almost nothing.
January 11th, 2002, 03:03 PM
I went to the fine folks at Google and I found a site that may be of some interest to you.
Click Here. It's called pam_smb and it's a NT authentication tool for Linux. Here's a link to the FAQ.
pam_smb is a PAM module/server which allows authentication of UNIX users using an NT server.
Features (stable version):
- Authenticates Linux users against SMB servers in user mode(95, NT, samba etc). Will not authenticate against share level systems.
- Compiles on Redhat Linux 4.2 and greater and any Linux with PAM support. Also compiles under Solaris 2.6.
Developement version from CVS works on HP/UX 11 and FreeBSD 3.1
- Supports NT/Lanman encrypted passwords.
- Any service which uses PAM can authenticate against NT.
- Can setup to ignore lack of a local password entry when something else provides the users information such as RADIUS.
Planned Features (development version):
Username mapping support of Unix usernames to different NT usernames.
Hope this helps,