|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Les Mikesell (les_at_futuresource.com)
Date: Tue Jan 28 2003 - 14:31:21 CST
> From: Mike Renfro
> Disadvantages of pam_smb:
>
> * Have to create dummy accounts for authorized users on each system. I
> think there's a way around that, too, but like I said before, we don't
> want every domain user to have Unix access.
>
> * Tied into the previous disadvantage, dual-boot systems are
> difficult. If we add a user onto each system to use pam_smb, that
> system has to be in Unix 100% of the time. Winbind avoids this
> problem.
>
> Personally, I've got some sort of Active Directory/LDAP idea on the
> horizon, since our central IT bunch is rolling out their first AD
> tree. Hopefully it's close enough to regular LDAP to make the Unix
> boxes happy.
I think MKS has an add-in for Active Directory to make it work with
unix. Does anyone know if it is possible to use pam_smb for password
checking but LDAP for account information instead of needing the
local password file? That would suit my needs nicely for a few
boxes with limited users (using password file accounts only) and many
boxes that allow all users, with passwords the same everywhere.
Les Mikesell
les
futuresource.com
_______________________________________________
Pam-list mailing list
Pam-listredhat.com
https://listman.redhat.com/mailman/listinfo/pam-list
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]