unix active directory - Kerberos

This is a discussion on unix active directory - Kerberos ; I am interested in getting an Active Directory server setup on a linux (Ubuntu) server. I currently just have a samba file server, ntp, and dns setup on this server. I don't have any Windows 2k/XP servers here. I have ...

+ Reply to Thread
Results 1 to 6 of 6

Thread: unix active directory

  1. unix active directory

    I am interested in getting an Active Directory server setup on a linux (Ubuntu)
    server. I currently just have a samba file server, ntp, and dns setup on this
    server. I don't have any Windows 2k/XP servers here.

    I have found many howtos and other docs on kerberos, ldap, and samba. However
    my question is where to start. In theory, what I was looking for was a cookie
    cutter solution to getting an Active Directory server setup on Unix. However
    aside from that, I was wondering where I should start.

    One more point of woe for me is that I don't have a FQDN. I was advised that I
    could just make one on my dns and setup dhcp to make sure those hosts used my
    dns and be fine with that. I was wondering if this is possible?

    Also, though I have googled and have a bit more than a half dozen pages along
    this topic bookmarked, any resources that anyone could recommend would be
    appreciated.



    thanx
    darkhaven (aka - shawn wilson / ag4ve)

    __________________________________________________
    Do You Yahoo!?
    Tired of spam? Yahoo! Mail has the best spam protection around
    http://mail.yahoo.com
    ________________________________________________
    Kerberos mailing list Kerberos@mit.edu
    https://mailman.mit.edu/mailman/listinfo/kerberos


  2. Re: unix active directory

    Hi Shawn,

    Active Directory is the name of Microsoft's KDC/LDAP server. So there's
    no such thing as "Active Directory server on linux". You could setup a
    KDC (MIT, Heimdal, etc) or an LDAP server (OpenLDAP, Fedora Directory
    Server) on your Linux machine but even if you managed to get them
    to work together well, you still wouldn't have anything like "Active
    Directory". The closest thing to AD on linux would be Samba4 but that's
    not quite ready for production environments.

    Also, unless you have a specific question about Kerberos I think responses
    here will be limited [1].

    Mike

    [1] I pleased to see that this list is very tolerant of posts about
    "Active Directory". Apparently the OpenLDAP-software list automatically
    censors any post containing the term (e.g. my sig).

    On Wed, 9 Aug 2006 09:46:47 -0700 (PDT)
    Shawn Wilson wrote:

    > I am interested in getting an Active Directory server setup on a linux (Ubuntu)
    > server. I currently just have a samba file server, ntp, and dns setup on this
    > server. I don't have any Windows 2k/XP servers here.
    >
    > I have found many howtos and other docs on kerberos, ldap, and samba. However
    > my question is where to start. In theory, what I was looking for was a cookie
    > cutter solution to getting an Active Directory server setup on Unix. However
    > aside from that, I was wondering where I should start.
    >
    > One more point of woe for me is that I don't have a FQDN. I was advised that I
    > could just make one on my dns and setup dhcp to make sure those hosts used my
    > dns and be fine with that. I was wondering if this is possible?
    >
    > Also, though I have googled and have a bit more than a half dozen pages along
    > this topic bookmarked, any resources that anyone could recommend would be
    > appreciated.
    >
    >
    >
    > thanx
    > darkhaven (aka - shawn wilson / ag4ve)
    >
    > __________________________________________________
    > Do You Yahoo!?
    > Tired of spam? Yahoo! Mail has the best spam protection around
    > http://mail.yahoo.com
    > ________________________________________________
    > Kerberos mailing list Kerberos@mit.edu
    > https://mailman.mit.edu/mailman/listinfo/kerberos
    >



    --
    Michael B Allen
    PHP Active Directory SSO
    http://www.ioplex.com/
    ________________________________________________
    Kerberos mailing list Kerberos@mit.edu
    https://mailman.mit.edu/mailman/listinfo/kerberos


  3. Re: unix active directory

    Michael B Allen writes:

    > Hi Shawn,
    > Active Directory is the name of Microsoft's KDC/LDAP server. So there's
    > no such thing as "Active Directory server on linux". You could setup a
    > KDC (MIT, Heimdal, etc) or an LDAP server (OpenLDAP, Fedora Directory
    > Server) on your Linux machine but even if you managed to get them
    > to work together well, you still wouldn't have anything like "Active
    > Directory". The closest thing to AD on linux would be Samba4 but that's
    > not quite ready for production environments.


    I think you are forgetting XAD, from PADL, which was a complete AD
    replacement that could be run on Linux.

    --Quanah


    --
    Quanah Gibson-Mount
    Principal Software Developer
    ITS/Shared Application Services
    Stanford University
    GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html

  4. RE: unix active directory

    Michael,

    I suggest you take a look at XAD (www.padl.com). This is a product that
    runs on Linux, and looks like an Active Directory domain controller.

    Cheers,
    Tim

    -----Original Message-----
    From: kerberos-bounces@mit.edu [mailto:kerberos-bounces@mit.edu] On
    Behalf Of Michael B Allen
    Sent: 09 August 2006 20:33
    To: Shawn Wilson
    Cc: kerberos@mit.edu
    Subject: Re: unix active directory

    Hi Shawn,

    Active Directory is the name of Microsoft's KDC/LDAP server. So there's
    no such thing as "Active Directory server on linux". You could setup a
    KDC (MIT, Heimdal, etc) or an LDAP server (OpenLDAP, Fedora Directory
    Server) on your Linux machine but even if you managed to get them
    to work together well, you still wouldn't have anything like "Active
    Directory". The closest thing to AD on linux would be Samba4 but that's
    not quite ready for production environments.

    Also, unless you have a specific question about Kerberos I think
    responses
    here will be limited [1].

    Mike

    [1] I pleased to see that this list is very tolerant of posts about
    "Active Directory". Apparently the OpenLDAP-software list automatically
    censors any post containing the term (e.g. my sig).

    On Wed, 9 Aug 2006 09:46:47 -0700 (PDT)
    Shawn Wilson wrote:

    > I am interested in getting an Active Directory server setup on a linux

    (Ubuntu)
    > server. I currently just have a samba file server, ntp, and dns setup

    on this
    > server. I don't have any Windows 2k/XP servers here.
    >
    > I have found many howtos and other docs on kerberos, ldap, and samba.

    However
    > my question is where to start. In theory, what I was looking for was a

    cookie
    > cutter solution to getting an Active Directory server setup on Unix.

    However
    > aside from that, I was wondering where I should start.
    >
    > One more point of woe for me is that I don't have a FQDN. I was

    advised that I
    > could just make one on my dns and setup dhcp to make sure those hosts

    used my
    > dns and be fine with that. I was wondering if this is possible?
    >
    > Also, though I have googled and have a bit more than a half dozen

    pages along
    > this topic bookmarked, any resources that anyone could recommend would

    be
    > appreciated.
    >
    >
    >
    > thanx
    > darkhaven (aka - shawn wilson / ag4ve)
    >
    > __________________________________________________
    > Do You Yahoo!?
    > Tired of spam? Yahoo! Mail has the best spam protection around
    > http://mail.yahoo.com
    > ________________________________________________
    > Kerberos mailing list Kerberos@mit.edu
    > https://mailman.mit.edu/mailman/listinfo/kerberos
    >



    --

    Michael B Allen
    PHP Active Directory SSO
    http://www.ioplex.com/
    ________________________________________________
    Kerberos mailing list Kerberos@mit.edu
    https://mailman.mit.edu/mailman/listinfo/kerberos

    ________________________________________________
    Kerberos mailing list Kerberos@mit.edu
    https://mailman.mit.edu/mailman/listinfo/kerberos


  5. RE: unix active directory

    I was going to make the identical suggestion, however, when I
    went looking on the PADL website, mention of XAD was nowhere to
    be found. A search of the site turns up references to XAD,
    however, they either lead to 404s or to redirects to the main
    product page.

    Perhaps XAD is being shelved?

    -- Tom

    Thomas A. La Porte, DreamWorks Animation


    On Wed, 9 Aug 2006, Tim Alsop wrote:

    > Michael,
    >
    > I suggest you take a look at XAD (www.padl.com). This is a product that
    > runs on Linux, and looks like an Active Directory domain controller.
    >
    > Cheers,
    > Tim
    >
    > -----Original Message-----
    > From: kerberos-bounces@mit.edu [mailto:kerberos-bounces@mit.edu] On
    > Behalf Of Michael B Allen
    > Sent: 09 August 2006 20:33
    > To: Shawn Wilson
    > Cc: kerberos@mit.edu
    > Subject: Re: unix active directory
    >
    > Hi Shawn,
    >
    > Active Directory is the name of Microsoft's KDC/LDAP server. So there's
    > no such thing as "Active Directory server on linux". You could setup a
    > KDC (MIT, Heimdal, etc) or an LDAP server (OpenLDAP, Fedora Directory
    > Server) on your Linux machine but even if you managed to get them
    > to work together well, you still wouldn't have anything like "Active
    > Directory". The closest thing to AD on linux would be Samba4 but that's
    > not quite ready for production environments.
    >
    > Also, unless you have a specific question about Kerberos I think
    > responses
    > here will be limited [1].
    >
    > Mike
    >
    > [1] I pleased to see that this list is very tolerant of posts about
    > "Active Directory". Apparently the OpenLDAP-software list automatically
    > censors any post containing the term (e.g. my sig).
    >
    > On Wed, 9 Aug 2006 09:46:47 -0700 (PDT)
    > Shawn Wilson wrote:
    >
    >> I am interested in getting an Active Directory server setup on a linux

    > (Ubuntu)
    >> server. I currently just have a samba file server, ntp, and dns setup

    > on this
    >> server. I don't have any Windows 2k/XP servers here.
    >>
    >> I have found many howtos and other docs on kerberos, ldap, and samba.

    > However
    >> my question is where to start. In theory, what I was looking for was a

    > cookie
    >> cutter solution to getting an Active Directory server setup on Unix.

    > However
    >> aside from that, I was wondering where I should start.
    >>
    >> One more point of woe for me is that I don't have a FQDN. I was

    > advised that I
    >> could just make one on my dns and setup dhcp to make sure those hosts

    > used my
    >> dns and be fine with that. I was wondering if this is possible?
    >>
    >> Also, though I have googled and have a bit more than a half dozen

    > pages along
    >> this topic bookmarked, any resources that anyone could recommend would

    > be
    >> appreciated.
    >>
    >>
    >>
    >> thanx
    >> darkhaven (aka - shawn wilson / ag4ve)
    >>
    >> __________________________________________________
    >> Do You Yahoo!?
    >> Tired of spam? Yahoo! Mail has the best spam protection around
    >> http://mail.yahoo.com
    >> ________________________________________________
    >> Kerberos mailing list Kerberos@mit.edu
    >> https://mailman.mit.edu/mailman/listinfo/kerberos
    >>

    >
    >
    >

    ________________________________________________
    Kerberos mailing list Kerberos@mit.edu
    https://mailman.mit.edu/mailman/listinfo/kerberos


  6. Re: unix active directory

    "Tim Alsop" writes:

    > Michael,
    > I suggest you take a look at XAD (www.padl.com). This is a product that
    > runs on Linux, and looks like an Active Directory domain controller.


    PADL pulled XAD from its website for reasons not yet announced. Maybe
    Luke Howard will want to comment (or maybe not. ).

    --Quanah


    --
    Quanah Gibson-Mount
    Principal Software Developer
    ITS/Shared Application Services
    Stanford University
    GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html

+ Reply to Thread