Linux + Kerberos + Active Directory + Account UID Mapping?

  • humbletech99

Post 3+ Months Ago

I played around with integrating Linux against Active Directory quite a long time ago and made this work with a couple of machines, so I know it's possible and that it can be done a couple of ways, including WinBind with NTLM or Kerberos.

Authenticating is the relatively easy part, but what I want is a way of keeping the same UIDs across all the Linux boxen. I have looked through lots of web search results and things I have bookmarked, but they focus more on the authentication and the local, separate UID/GUID maps kept by each individual Linux box.

Does anyone know anything about the UID mapping across all Linux boxen so that the same user account name and login will get the same UID across all machines?
  • Don2007

Post 3+ Months Ago

I don't know about Linux but with FreeBSD, I can change the UID of any user with the pw command.

pw usermod -n don -u 100, or whatever UID you give it.

There must be a way to do that with Linux.
  • humbletech99

Post 3+ Months Ago

?

I don't want to change the UID of a user.

I want to have all Users authenticated by Active Directory and to have the same UID for a given user across all machines automatically.
  • Daemonguy

Post 3+ Months Ago

http://blog.scottlowe.org/2007/07/09/li ... rver-2008/
  • humbletech99

Post 3+ Months Ago

Thanks, that had links to older versions which talk about 2003 pre-R2, since I don't have that yet... looks very promising.
  • Don2007

Post 3+ Months Ago

I used to manage a Windows 2000 Server and I don't remember AD giving out numeric IDs.
  • kc0tma

Post 3+ Months Ago

Yeah, we've got a 2000/2003 mixed domain at work, and I can't remember any time actually seeing any UIDs. But there just has to be a way to see who has what... there just has to be.
  • Don2007

Post 3+ Months Ago

I don't know about that. Windows doesn't read Linux very well.
  • humbletech99

Post 3+ Months Ago

I'm currently looking at Services for Unix. This extends the schema and allows some POSIX attributes, like keeping a UID per user, for Unix-based systems to use.
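
An added example, not part of any post in this thread: a small audit for the problem raised in the first post, where each Linux box keeps its own local UID map and the maps drift apart. It assumes `getent passwd` output has been collected from every machine; the host names and passwd lines below are constructed sample data.

```python
from collections import defaultdict

# Constructed sample data: `getent passwd` output as collected from each host.
SAMPLE = {
    "web01": "alice:*:10001:10000:Alice:/home/alice:/bin/bash\n"
             "bob:*:10002:10000:Bob:/home/bob:/bin/bash\n",
    "web02": "alice:*:10002:10000:Alice:/home/alice:/bin/bash\n"
             "bob:*:10001:10000:Bob:/home/bob:/bin/bash\n",
    "db01":  "alice:*:10001:10000:Alice:/home/alice:/bin/bash\n"
             "carol:*:10003:10000:Carol:/home/carol:/bin/bash\n",
}

def parse_passwd(text):
    """Return {name: uid} from passwd-format text, skipping malformed lines."""
    users = {}
    for line in text.splitlines():
        fields = line.split(":")
        if len(fields) < 7 or not fields[2].isdigit():
            continue
        users[fields[0]] = int(fields[2])
    return users

def audit(dumps):
    """Find names with more than one UID and UIDs used by more than one name."""
    by_name = defaultdict(lambda: defaultdict(list))  # name -> uid -> [hosts]
    by_uid = defaultdict(lambda: defaultdict(list))   # uid -> name -> [hosts]
    for host, text in sorted(dumps.items()):
        for name, uid in parse_passwd(text).items():
            by_name[name][uid].append(host)
            by_uid[uid][name].append(host)
    name_conflicts = {n: dict(u) for n, u in by_name.items() if len(u) > 1}
    uid_conflicts = {u: dict(n) for u, n in by_uid.items() if len(n) > 1}
    return name_conflicts, uid_conflicts

if __name__ == "__main__":
    names, uids = audit(SAMPLE)
    for name, mapping in sorted(names.items()):
        print(f"{name}: inconsistent UID {mapping}")
    for uid, mapping in sorted(uids.items()):
        print(f"UID {uid}: shared by different accounts {mapping}")
```

The second report matters most on shared storage such as NFS, where file ownership follows the numeric UID rather than the account name.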

© 1998-2014. Ozzu® is a registered trademark of Unmelted, LLC.