[Beowulf] Linux cluster authenticating against multiple Active Directory domains
landman at scalableinformatics.com
Thu Jul 31 05:38:06 PDT 2008
If you don't mind using commercial tools, have a look at Centrify. Also
Centeris might work for this.
Chris Samuel wrote:
> Here's a curly one..
> We are helping a Uni set up a Linux cluster (CentOS 5
> based) and we've found out that they have two separate
> Active Directory instances, one for staff and one for
> They want the cluster to be able to authenticate against
> both, as users might be on either service.
> They have assured us that we can just their ADSs as
> if they are LDAP servers, which is OK, but it looks
> like Linux doesn't really want to know about using
> multiple LDAP servers except in a failover/round-robin
> Our current best guess is to get an LDIF dump of
> the users who are to be given access (signified
> by an LDAP attribute) and then load those into a
> local OpenLDAP or FDS server.
> We do have various other wacky ideas about using
> Samba 4, but I don't know if that can belong to
> multiple AD instances..
> Unfortunately our contact at the institute who
> knows about their ADS config is tied up for the
> moment so we can't pick his brains and I was
> wondering if anyone else had run into this sort
> of issue and knows if it does have a solution ?
Joseph Landman, Ph.D
Founder and CEO
Scalable Informatics LLC,
email: landman at scalableinformatics.com
web : http://www.scalableinformatics.com
phone: +1 734 786 8423
fax : +1 734 786 8452
cell : +1 734 612 4615
More information about the Beowulf