Active Directory Authentication for clients
Brought to you by:
steven_shiau
Menu
▾
▴
Thanks for all your hard work on DRBL.
I am working on getting DRBL booted clients to authenticate to Microsoft Active Directory instead of NIS. I'm wondering if drblsrv or drblpush modify any of the kerberos configuration, nsswitch.conf, samba configuration, or automount configuration files.
Thanks!
Just an update...
I got this working... I modified the drblpush script to add 'compat winbind' to the nsswitch.conf lines that require it, and also made symbolic links to the samba and winbind startup scripts in the node_root/etc/rcX.d and node/ip.add.res.s/etc/rcX.d directories. It works very well. Now I just need to move the server off the test network to the regular network and make sure that NFS mounts from the servers on our network work like they should.
I can send you the updated script if you like, but it's a minor change. Maybe you could incorporate it into a question asked by the drblpush -i script?
Thanks.
Demian,
Thanks for your info.
From what you mentioned, I think it can be done by the following method without modifying any program:
1. Setup DRBL server by "drblsrv -i" and "drblpush -i" as mentioned in http://drbl.sourceforge.net/one4all/ normally.
2. Append "compat winbind" to any client's nsswitch.conf, say /tftpboot/nodes/192.168.100.1/etc/nsswitch.conf
3. Run "/opt/drbl/sbin/drbl-cp-hosts /tftpboot/nodes/192.168.100.1/etc/nsswitch.conf /etc/"
4. Run "/opt/drbl/sbin/drbl-client-service samba on"
5. Run "/opt/drbl/sbin/drbl-client-service winbind on"
If possible, please confirm this. After your confirmation, we will put it in Q&A.
Thanks in advance.
Steven,
Yes, that works just fine. It still requires manual editing of the nsswitch.conf, but that's ok by me.
Thanks for your help.
Demian,
Thanks for your confirmation. Yes, you still have to modify nsswitch.conf. The key here is not to touch the exe programs, just config files.
Already put it on the Q&A.
Thanks again.