Linux Authentication Against Active Directory 90
Bandman writes "For a while now I've been looking for something to integrate my Linux/Mac corporate environment with Windows Active Directory. I was hoping for centralized authentication at best. As I found out, Likewise Software has produced two products, the free Likewise Open and the commercial Likewise Enterprise. Both of them provide much more than just a centralized repository for accounts. I wrote a review of Likewise Open, but I don't have enough experience with Active Directory to really do justice to Likewise Enterprise. If you've been trying to integrate the Linux and Windows worlds, this could be the easiest way to do it."
Re:Linux authenication aganist....can not connect (Score:3, Interesting)
It isn't Linux that I am concerned with. It's the entire datacenter.
I work with Solaris. We sell expertise. Used to be, our network was fine - no issues. Then, we had a merger. All of a sudden, the IT dept has to support Windows. What happens?
AD is deployed. This makes Windows happy happy. Not so happy on the Unix front. MS DHCP isn't quite right -- insists on resolv.conf entries that won't work. I can type machine.whole.damn.domain, works. Of course, if I could *use* AD, I would be only typing "machine". As well, printer definitions, etc. are all now Windows centric. Really nasty to access from anything else.
Windows came in, plopped its 800 lb body over EVERYTHING. And it just doesn't like to inter-operate. Says Windows, "I don't have to cooperate! No AD for you".
You know what? It doesn't. Sucks. Everything else inter-operates, and has to get along with new kid, who does things JUST ENOUGH DIFFERENTLY to force lock-in of users who just expect better. Yeah, we edit resolv.conf, and adjust it. Yeah, we have an extra server to buffer away the new printing pains. Yeah, we can export AD entries, and import into NIS. Yeah, we can run parallel file sharing (NFS and SMB). But its annoying to users. May as well just lock-in Windows and be done with it. And, the administration is different enough to create a divide as well.
And, you know what? I don't actually /blame/ Microsoft. After all, they /could/ pull this off. Admirable really. The creation of an entire software ecosystem that really doesn't have much to do with anything else. Jarring when an "external" technology is brought in (tumpet tcp/ip stack? Early MS inter-networking?). Eventually, folded and blended into the juggernaut that is Windows.
But I am still pissed. I understand, but I am not bothering to "learn" the Windows ecosystem. Others can do that, and leave me to my legacy stuff. Thank God I will probably retire soon (yeah, I am the crusty Mainframe & Unix guy here).
Sure, phase out the old, Sign me up; AD rulez! I wouldn't /bother/ to link up Linux (et. al.) to it. If needed, pull AD data, and import into NIS/NIS+ legacy, and get on with the work of replacing Unix with Windows.
K?