[ale] Mixed environments, central authentication, and central user management?
Jim Kinney
jim.kinney at gmail.com
Thu Oct 30 16:20:11 EDT 2014
try the freeIPA version unless you have to stick with licensed for business
reasons. Basically dig up the rpms for CentOS.
I'm not running any AD (YAY!!! Ditched it for FreeIPA :-) so I've not
tested the AD linking. Yes. It looked complicated. duh. It's linking
windows auth to *nix auth. Yuck!
Heh, heh. I see FreeIPA as a way to get rid of AD and make windbloze auth
to Linux machines. Use that kerberos spec as it was designed and not as it
was mangled for AD.
On Thu, Oct 30, 2014 at 3:18 PM, James Sumners <james.sumners at gmail.com>
wrote:
> :-/
>
> The "trusts" configuration for Active Directory integration sounds
> complicated and not really worth it. But the synchronization method
> requires an extra license just to get the synchronization tool.
>
> On Thu, Oct 30, 2014 at 12:37 PM, James Sumners <james.sumners at gmail.com>
> wrote:
>
>> This looks very promising. Thank you for the suggestion.
>>
>> On Thu, Oct 30, 2014 at 11:17 AM, Jim Kinney <jim.kinney at gmail.com>
>> wrote:
>>
>>> RHEL IdM or the upstream FreeIPA solution. It can auth against AD but
>>> handles the ID/GID, etc. for RHEL users. Uses kerberos and LDAP.
>>>
>>
>
>
>
> --
> James Sumners
> http://james.roomfullofmirrors.com/
>
> "All governments suffer a recurring problem: Power attracts pathological
> personalities. It is not that power corrupts but that it is magnetic to the
> corruptible. Such people have a tendency to become drunk on violence, a
> condition to which they are quickly addicted."
>
> Missionaria Protectiva, Text QIV (decto)
> CH:D 59
>
--
--
James P. Kinney III
Every time you stop a school, you will have to build a jail. What you gain
at one end you lose at the other. It's like feeding a dog on his own tail.
It won't fatten the dog.
- Speech 11/23/1900 Mark Twain
*http://heretothereideas.blogspot.com/
<http://heretothereideas.blogspot.com/>*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.ale.org/pipermail/ale/attachments/20141030/37d7e6a3/attachment.html>
More information about the Ale
mailing list