Linux clients in a Windows Active Directory domain - what policies can they receive? - Redhat

This is a discussion on Linux clients in a Windows Active Directory domain - what policies can they receive? - Redhat ; Gurus, While I know Linux clients can join a Windows Active Directory domain using a software called Winbind, can these Linux machines receive any sort of system policy sent to it by the Active Directory? Policies such as domain password ...

+ Reply to Thread
Results 1 to 4 of 4

Thread: Linux clients in a Windows Active Directory domain - what policies can they receive?

  1. Linux clients in a Windows Active Directory domain - what policies can they receive?

    Gurus,

    While I know Linux clients can join a Windows Active Directory domain using
    a software called Winbind, can these Linux machines receive any sort of
    system policy sent to it by the Active Directory? Policies such as domain
    password policies for instance?

    --
    Spin


  2. Re: Linux clients in a Windows Active Directory domain - what policies can they receive?

    Spin-
    While I'm not specifically familiar with WinBind, I do know that for other
    3rd party *nix/AD integration products, if you authenticate to AD from a
    Linux box using an AD user account, that account is subject to the account
    policies that have been applied to the AD domain controllers.

    In terms of the Linux box itself processing other Group Policy setting, I
    have never seen this supported except in commercial 3rd party products like
    Vintela, Centrify and Likewise, where they specifically created a version of
    the GP client on those non-windows platforms, and essentially translate, or
    have special extensions on Windows that are specific to non-Windows
    platforms.

    Frankly, what is needed is an open-source implementation of a Group Policy
    client engine that folks can write to, just as they can on Windows.


    Darren Mar-Elia
    MS-MVP-Windows Server--Group Policy

    *******************************
    Secure and configure your Windows desktops accurately every time without
    having to learn or install new technology.
    Find out more about Desktop Policy Manager at
    http://www.sdmsoftware.com/desktop_management
    *******************************


    "Spin" wrote in message
    news:6hlffkFmm8v5U1@mid.individual.net...
    > Gurus,
    >
    > While I know Linux clients can join a Windows Active Directory domain
    > using a software called Winbind, can these Linux machines receive any sort
    > of system policy sent to it by the Active Directory? Policies such as
    > domain password policies for instance?
    >
    > --
    > Spin



  3. Re: Linux clients in a Windows Active Directory domain - what policies can they receive?

    I would be interested if anyone can actually get this to work. I have
    doubts, since *nix doesn't have registry through which Group Policies
    operate. Also, most settings wouldn't apply in a *nix environment.


    "Spin" wrote in message
    news:6hlffkFmm8v5U1@mid.individual.net...
    > Gurus,
    >
    > While I know Linux clients can join a Windows Active Directory domain
    > using a software called Winbind, can these Linux machines receive any sort
    > of system policy sent to it by the Active Directory? Policies such as
    > domain password policies for instance?
    >
    > --
    > Spin




  4. Re: Linux clients in a Windows Active Directory domain - what policiescan they receive?

    The specific policy you mention in your post (password policies) are
    enforced at the domain level for domain accounts. So that policy would
    apply. It would not apply to local accounts on a Linux workstation.
    Other Group policy is not applicable using Linux clients with
    Samba/Winbind (yet)- those policies are proprietary to the Windows
    security model and involve things like registry values, etc that are not
    present on a Linux client.


    Spin wrote:


    > Gurus,
    >
    > While I know Linux clients can join a Windows Active Directory domain
    > using a software called Winbind, can these Linux machines receive any
    > sort of system policy sent to it by the Active Directory? Policies such
    > as domain password policies for instance?
    >


+ Reply to Thread