On Thu, 12 Sep 2002 23:12, Matt Kehler wrote:
> I'm trying to accomplish the same. To get NDS and the NT domains to
> talk, you need to install eDirectory on the MS servers. After that..it
> should essentially be 'seamless'. ie, if you have a user created in
> NDS, he will be able to login on the MS domain side using NDS
> credentials. If this works..I don't see why you couldn't get it to work
> via NTLM. Of course...I was just waiting for someone else to do all the
> work first :)
>
One alternative would be to use NT for authentication {winbind or ntlm_auth}
and NDS via LDAP {ldap_group} for access control. The upside is that it's
working for me with 2.5.PRE11. The downside is that you need an NT domain (or
samba? but thats another question) for any sort of transparent authentication
and then you have to keep usernames in sync with NDS. See todays
squid_ldap_group thread for another catch. Then again, if you are going to
put in a domain then you could use NT groups instead of NDS groups.
Received on Thu Sep 12 2002 - 07:44:10 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:10:18 MST