Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

can Linux RHEL NIS Kerberos-based replace Windows Active Directory

Posted on 2011-02-27
9
Medium Priority
?
505 Views
Last Modified: 2012-05-11
Hi all,

can Linux RHEL NIS or Kerberos-based replace Windows Active Directory? If NO, why not.
our Clients is windows.

thanks
0
Comment
Question by:rawandnet
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
9 Comments
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 34994693
(out of points, please)
I'm not an expert in Linux technology, but I've recently read somewhere about Fedora 389 Directory Server and I think it can be a part of existing domain and can be a separate environment where your machines could work. If you can test it, do it. Maybe it's worth :)

Check this project home page for installation and more details with downloads (install guide for Red Hat)
http://directory.fedoraproject.org/wiki/Install_Guide

Home Page
http://directory.fedoraproject.org/

Regards,
Krzysztof
0
 

Author Comment

by:rawandnet
ID: 34994823
I wanted to know the disadvantage of moving to Linux authentication rather than Active directory, example with windows server there is group policy that can be implemented on windows client.  I don’t know if that is possible with Linux server. currently we use Vista client, can Linux server control clients roaming profiles, and other permission and privileges?
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 34994871
Nope, that's the only Windows-based domain functions. I would suggest using Windows AD rather that Linux. It's much easier in management and more powerful. If you need to use your Linux/UNIX then you can use NIS as you said (available in 2003 R2 and above)

I'm a Windows guy and I prefer using it than Linux :]

You can check some info about AD features
http://msdn.microsoft.com/en-us/library/cc737139%28v=ws.10%29.aspx
http://www.microsoft.com/windowsserver2003/technologies/directory/activedirectory/default.mspx

Krzysztof
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 48

Expert Comment

by:Tintin
ID: 34994950
I would either use OpenLDAP or Samba on the Linux side.

From memory, I don't think Windows has any native NIS support.

0
 

Author Comment

by:rawandnet
ID: 34995859
I worked with AD but not with openLDAP. What feachers AD has OpenLDAP doesn’t. Currently we have server 2003 that has Domain controller with AD with group policy implemented, the clients are vista.
I have been asked to replace those windows server with linx.

The question is; if I use OpenLDAP does it replace windows AD. Can OpenLDAP do same function as windows AD does?
0
 
LVL 31

Accepted Solution

by:
farzanj earned 2000 total points
ID: 35002958
It will have multiple parts.

You need authentication and you need centralized storage.  Furthermore you need security and probably scalability --depending upon your organizational size, etc.


SAMBA can act as a primary domain controller for Windows clients.  I have done it in the past.  It is easy to configure.
You can use some implementation of LDAP in conjunction with SAMBA.  So LDAP would keep the directory data which would be fast and scalable.  You would further need to add security features to it because you may not want passwords to travel over the network unencrypted.  So you can use one of many mechanisms to do that -- TLS, SASL or Kerberos.

If you want to keep it very simple in a small setup, all you need is SAMBA.

NIS is mostly used for Unix/Linux clients.  How would you centralize account storage?  I am not even sure how the authentication would work on Windows with NIS  -- never heard of it.  It has always been typically for pure Unix/Linux environments.

Try
http://www.howtoforge.com/centos-5.x-samba-domain-controller-with-ldap-backend
0
 
LVL 71

Expert Comment

by:Qlemo
ID: 35422473
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
Suggested Courses

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question