Michael Leone on 25 Aug 2016 09:50:37 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Questions regarding LDAP and AD

On Thu, Aug 25, 2016 at 12:38 PM, Tone Montone <tonemontone@gmail.com> wrote:

> Unix systems point to the DS.  However, I read that in some instances you
> can have systems point directly to AD servers and get their authentication
> directly from the AD, so you don't need an LDAP intermediate server, but I
> am not sure it will work for all systems/OSes.  e.g. I read that you could
> use RHEL's IdM (Identity Manager) on RHEL 6, but I don't think this will
> work on RHEL 5.

That part, I don't know. But yes, you can LDAP calls (anonymous and
otherwise) directly to an AD domain controller. We have a number of
applications that do LDAP lookups of user accounts, for example, to
get group membership, to verify that the account is authorized to
access something.
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug