[Date Prev][Date Next]
Re: Authenticate windows against OpenLDAP
Imobach González Sosa wrote:
El Lunes, 23 de Agosto de 2004 11:50, escribió:
Maybe this subject has been treated too many times in this list, but I've
only found this thread
and is two years old; so I'd like to update the information.
This question has zero relevance to OpenLDAP. You're better off pursuing
this subject in a Microsoft or Samba-dedicated forum. Whether you can
authenticate Windows against LDAP depends entirely on the Windows client
software, and it makes no difference whose LDAP software you use.
The question is simple: can windows machines authenticate against a
OpenLDAP server instead of Active Directory? I mean without using Samba.
pGina works for what it does - authentication - but that's only half of
the problem in getting a Windows logon. You also need the Windows
authorization information, and Windows only gets that using Kerberos
(with the proprietary, Microsoft-specific PAC extension to the TGT) or
secure RPC. As such, no matter what plugin you use with pGina to perform
authentication, you still need to have your account info in a
Microsoft-compatible authorization server. If you use Samba, you can at
least avoid the duplication if you centralize everything in LDAP. But
then if you use Samba, you don't need pGina/LDAP.
mmmm, maybe pGina is what I'm looking for:
Any experience with pGina?
Followups to this subject do not belong on this mailing list.
-- Howard Chu
Chief Architect, Symas Corp. Director, Highland Sun
Symas: Premier OpenSource Development and Support