[Beowulf] Re: Active directory with Linux


Dave Love d.love at liverpool.ac.uk
Fri Oct 24 05:48:11 PDT 2008


Chris Samuel <csamuel at vpac.org> writes:

> We were trying to do that for one of our members, but
> were told by the AD admins that we could only use the
> users' credentials to bind to the AD server for queries
> as they were using lockouts on failed password attempts
> and so would not provide a "system" style account for
> queries as locking that out would stop all users from
> accessing the cluster.

I don't understand that.  If you need LDAP data, as opposed to just
Kerberos authentication, and you're not allowed anonymous access to it,
you either use a `well-known' password on a special account (which
you're probably also not allowed...) or the `machine' account.  The
latter is what you get from `joining the domain' (e.g. with Samba) and,
as far as I remember, is just the system's Kerberos host principal,
whose key you stash in a keytab.

Obviously avoid AD if you can, though.
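
The keytab mentioned above can be inspected to confirm which principals a domain join actually stored. This is an added example, not part of the original message: a minimal reader for the MIT keytab file format (version 0x0502) that lists principal, key version and encryption type without returning key bytes. The realm, host names and all-zero key in SAMPLE are constructed.

```python
import io, struct

def _cs(b):  # counted string: 16-bit big-endian length, then the bytes
    return struct.pack(">H", len(b)) + b

def build_entry(realm, comps, kvno, enctype, key):  # only used to construct SAMPLE
    body = struct.pack(">H", len(comps)) + _cs(realm) + b"".join(map(_cs, comps))
    body += struct.pack(">IIB", 1, 0, kvno & 0xFF)  # name type, timestamp, 8-bit kvno
    body += struct.pack(">H", enctype) + _cs(key) + struct.pack(">I", kvno)
    return struct.pack(">i", len(body)) + body

def parse_entry(buf):
    f = io.BytesIO(buf)
    def take(n, fmt=None):
        raw = f.read(n)
        if len(raw) != n:
            raise ValueError("truncated entry")
        return struct.unpack(fmt, raw)[0] if fmt else raw
    counted = lambda: take(take(2, ">H"))
    ncomp = take(2, ">H")
    realm = counted().decode()
    comps = [counted().decode() for _ in range(ncomp)]
    take(8)                                   # name type + timestamp, unused here
    kvno, enctype = take(1, ">B"), take(2, ">H")
    counted()                                 # key bytes: read past, never returned
    tail = f.read(4)                          # optional 32-bit kvno, used if nonzero
    if len(tail) == 4:
        kvno = struct.unpack(">I", tail)[0] or kvno
    return {"principal": "/".join(comps) + "@" + realm, "kvno": kvno, "enctype": enctype}

def parse_keytab(data):
    if data[:2] != b"\x05\x02":
        raise ValueError("not a version 0x0502 keytab")
    entries, pos = [], 2
    while pos + 4 <= len(data):
        (size,) = struct.unpack_from(">i", data, pos)
        pos += 4
        if size == 0 or pos + size > len(data):
            break                             # end marker or truncated tail: stop
        if size > 0:                          # negative size = hole from a deleted entry
            entries.append(parse_entry(data[pos:pos + size]))
        pos += abs(size)
    return entries

# Constructed sample: host principal, an 8-byte hole, and an AD-style machine name.
SAMPLE = (b"\x05\x02"
          + build_entry(b"EXAMPLE.ORG", [b"host", b"node01.example.org"], 3, 18, bytes(32))
          + struct.pack(">i", -8) + bytes(8)
          + build_entry(b"EXAMPLE.ORG", [b"NODE01$"], 3, 18, bytes(32)))
```

Encryption type 18 is aes256-cts-hmac-sha1-96; on a real system, read the file with `open(path, "rb").read()` as root and pass the bytes to `parse_keytab`.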


