[KLUG Members] Managing AD from Linux?

[Bruce Smith]

> > I have ldaps: (SSL-636) working on AD, and can connect to it from
> > Evolution.  Searches work, but I can't save anything.  All boxes in the
> > EV contact properties seem to be read-only, and the OK button is not
> > active. (yes, I'm connecting as a user/admin with permissions to change)
> > Any suggestions on a Linux package to manage users on a AD server?
> 
> What type of bind are you performing?  I recall something about AD
> limiting the privileges of simple binds (where you provide a DN and a
> secret).  Try a DIGEST-MD5 bind, if that doesn't work your going to have
> to try GSSAPI (Kerberos).  

In Evolution I the only options I see are to login by DN and login using
email address (and anon).  I've tried both.  How do I tell it to use
other binds?

> The Samba Guide has information on joining a
> UNIX/LINUX system with MIT to an AD domian.
>
> You may want to look at -
> http://www.educause.edu/ir/library/powerpoint/nmd0311.pps
>  - it isn't a 100% solution since they use Netscape LDAP but does
> provide allot of information.  And you'd get UNIX kerberos as a side
> benefit.  Perhaps there connector works with the Fedora LDAP server?

Thanks, I'll take a look at those.

 - BS