5

I have a Win 2008 AD based network. I want to setup a few boxes with dual boot Win/Linux. How can I achieve to authenticate the users with existing AD in Linux?

All solutions - I have found yet - join the linux boxes to the domain. I think, this is a problem in case of dual boot and the same netbios name of the client. Are there possibilities without joining to domain?

The home dir should be on a nfs4 server (linux), so I need kerberos.

Which solutions are possible, which are most stable?

Thanks for any advice!

Sepp Hofbauer

Sepp Hofbauer
  • 51
  • 1
  • 2
  • It's not the NetBIOS name that's a problem-- it's that you, practically, can't allow both OS's to share the same computer account. (I suppose you *could* if you prevented the Windows machine from rotating the workstation trust password...) Why not just use a different computer name for the Linux OS? – Evan Anderson Oct 31 '14 at 01:23
  • I have an image cloning and deployment solution which is setting the hostname automatically from dns entries. I think to change this system is more complicated than making auth without domain membership. – Sepp Hofbauer Oct 31 '14 at 01:30
  • Could you not just adjust you imaging system to append an L or something to the hostname when applying the image? Or have a script in the os image that makes the change before it joins the domain? – Grant Oct 31 '14 at 02:33

2 Answers2

1

You can make local accounts in Linux for the users but authenticate from kerberos. When users login to Linux they will get a kerberos ticket from AD. No need to join the domain.

Ian
  • 366
  • 1
  • 6
  • It's a school with ca. 1000 users which often change. I wanted to avoid create local users. Is there a solution for auto creation? – Sepp Hofbauer Oct 31 '14 at 01:50
  • 1
    In that case you could get account details from ldap and authenticate from kerberos. – Ian Oct 31 '14 at 02:49
0

You can use AD authentication using just LDAP without Kerberos. See here: http://htfdidt.blogspot.ca/2014_06_01_archive.html

Python Novice
  • 341
  • 1
  • 4
  • 12