Re: LDAP to authnticate from Windows 2K Server: Trouble !

[Vishal Khanna <vishal.khanna@aitpl.co.in>]

Hi Paul,

Can't I use the PAM authentication modules for the same. See basically 
what I am doing is getting the users authenticated from LDAP, what I 
need to do is get them authenticated from WinNT (ADS).

I was told there was a authentication module called pam_windbind.so
which does the job. I just am not able to get this fixed (though I have 
it and it is installed as a .so in my system. But I could not find 
anything which did the authentication as I want to do.

Currently I use pam_ldap.so for the authentication(which works 
perfectly) Did you try this module out ?

Vishal K

Paul Reilly wrote:
> Hi Vishal,
>
> If you don't want to use windows at all, you can setup a server
> with Samba using LDAP as the backend. This allows you to replace
> a PDC and have unix/windows logins both to the same OpenLDAP
> database. See the HOWTO at:
>
> http://samba.idealx.org/
>
> Also there is a very good book on OpenLDAP which has just been
> published by O'Reilly. See
>
> http://www.oreilly.com/catalog/ldapsa/
>
> This covers (about 4 pages) howto set up LDAP/Samba for windows
> authentication.
>
> If you *must* use ADS, or keep a Windows PDC, then I have some
> patches for OpenLDAP that will allow you to store all your attributes
> uid,gid,homedirectory etc in OpenLDAP, but just passthru the password
> authentication to a windows PDC. It's a patch for OpenLDAP 2.1.6
>
> Paul


--
-