[Beowulf] Windows client authentication (was: Re: Active directory with Linux)
Many of your questions may have already been answered in earlier discussions or in the FAQ. The search results page will indicate current discussions as well as past list serves, articles, and papers.
Dave Love d.love at liverpool.ac.ukMon Oct 27 09:10:31 PDT 2008
- Previous message: [Beowulf] Re: Active directory with Linux
- Next message: [Beowulf] Re: Active directory with Linux
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
"Jon Aquilina" <eagles051387 at gmail.com> writes: > my question though is what is the best way in the linux world to get windows > machines to join a linux domain which is being hosted by bind I don't understand the question, but it sounds off-topic unless you have a heterogeneous cluster. As I understand it, `joining a domain' is basically sharing an authentication token -- a Kerberos key in the case of AD. (It probably also involves ceding control of the client system to the `domain controller', à la what Centrify & al will do if you're not careful.) The `domain' in the AD case is basically a Kerberos realm. Realms aren't intrinsically related to DNS, though typically a site's realm is named after its domain; it's just that AD unfortunately conflates them, amongst other things. If you have the misfortune to have nodes running MS Windows and want them to authenticate to a normal Kerberos realm, see e.g. <URL:http://www.h5l.org/manual/heimdal-1-1-branch/info/heimdal.html #Configuring-Windows-2000-to-use-a-Heimdal-KDC>, though I've not done that in a cluster. For ultimate control on clients, you can use the PAM-like system (in MS Windows XP, at least) called GINA.
- Previous message: [Beowulf] Re: Active directory with Linux
- Next message: [Beowulf] Re: Active directory with Linux
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the Beowulf mailing list