Winbind Configuration

Latest response

Hello. I want to enable winbind on my Redhat 5.9 server so that the users can authenticate in an AD environment so that I do not have to create accounts on the Redhat server. What do I need to do to accomplish this, what daemons need to be installed or enabled other than winbind? Is there another way to have authentication in an AD environment other than windbind?

Responses

authconfig (or its GUI equivalent) will do what you need to set Winbind up (assuming your winbind package is compatible with AD. If you're setting up multiple Linux hosts to auth against AD, you'll want to enable RID-mapping.

Primary alternatives are Centrify, PowerBroker/LikeWise, Quest and a couple others. The free versions are good, but, if you've got a really large AD domain, you may end up with UID/GID duplicates.

This might be complete overkill for what you are trying to accomplish, but... I would also recommend you review what Red Hat Identity Management can offer. It provides a conduit between your Linux hosts (using native tools and services) to different enterprise authentication stacks, such as A.D. One thing I like about RH-IDM is while providing authentication, it also adds a great deal of functionality (such as netgroups, automaps, etc...) and it is included with your subscription. The implementation requires a bit of research and planning and I would definitely recommend doing a Proof of Concept first.

We've recently released a Winbind Mapper tool which can help with Samba Winbind mapper configuration.

Nice, thanks Andrew!