Easily done, already
|
| Author | Content |
|---|---|
| Tracer Apr 16, 2006 5:45 AM EDT |
This is easy to do, anyway. You can have any Linux server authenticate to MS AD. No need to buy a big honking product. You can generate your own federated system. With an installation of krb5 and some simple modifications to these files: /etc/nsswitch.conf /etc/krb5.conf /etc/pam.d/common-* (I'll admit the documentation is poor, here, though. You can find how to do this on nuxified.org when you look in servers and networking under authenticating Samba to MS AD.) ...you can get Linux to authenticate to the MS AD. In order to authenticate apps, you can either have your web apps do a background process to test their login in a shell, which then gets passed to windows, or you can bring up an MS IIS Server that authenticates to MS AD and returns simply the page "OK". Using wget command or a PHP socket or web API from a Linux server, you can have your PHP app make a call to this address with those credentials and see if it returns back "OK", thereby confirming the authentication and allowing them into the application. |
| Tracer Apr 16, 2006 8:22 AM EDT |
We're working on a much better howto article at nuxified.org. It's in our private area. We'll turn it out in probably 2 days in the public area. Stay tuned... |
| tuxchick2 Apr 16, 2006 12:24 PM EDT |
Also, Samba 3 supports AD integration. |
Posting in this forum is limited to members of the group: [ForumMods, SITEADMINS, MEMBERS.]
Becoming a member of LXer is easy and free. Join Us!