Linux Authentication Against Active Directory (LDAP/SSL)
LAAAD | |
SYSTEM | Linux / Windows 200X server |
APPLICATION | Linux authentication against Active Directory through LDAP/SSL |
ABSTRACT | allows for integration of Linux workstations into Windows 200X (Active Directory) networks using standard protocols |
FEATURES | LDAP authentication against Active Directory:
- user authentication from external Active Directory accounts (with no local Linux user account)
- SSL-secured queries
- automatic creation of the home folder (directory) at login
- opening and closing of an SMB session to the SMB server's user folders, with automatic mount and unmount of the network volume |
TECHNOLOGIES | Technologies used:
- LDAP to query the centralized account database for authentication
- SSL encryption of queries with either OpenLDAP+OpenSSL or OpenLDAP+stunnel (which uses OpenSSL) as either an xinetd service or a standalone service, thus bypassing some nasty OpenLDAP bugs
- NSS (Name Service Switch) to integrate Active Directory accounts
- PAM for SMB session management and network volume mount and unmount (no need to be root)
- PAM for automatic creation of the user home folder
- operations are possible over an SSH channel |
AUTHOR | Bernard Bou bbou@ac-toulouse.fr |
FEEDBACK | Bernard Bou bbou@ac-toulouse.fr |
DATE | 20/12/2004 |
VERSION | 2.0 |
REVISION | 2 |
KEY WORDS | Linux LDAP NSS SSL PAM Active Directory nss_ldap stunnel pam_mount pam_mkhomedir |
LAAAD inherits from the Unix tradition of integrating existing modules. Integration is carried out through shell or Python scripts. See modules and installed or modified files for further details.