Security Basics mailing list archives
RE: Unix/Linux accounts integrated within AD?
From: "Roger A. Grimes" <roger () banneretcs com>
Date: Wed, 29 Aug 2007 17:53:26 -0400
The short answer is yes There are several ways to do this and several whitepapers and a few books on it (I've read two books on it, one by Mark Minasi called Linux for Windows Administrators, and another excellent one by Jeremy Moskowitz (http://www.amazon.com/Windows-Linux-Integration-Hands-Solutions-Environ ment/dp/0782144284) on integrating Windows and Linux environments, and both are very good. The latter one has more detail on integration than the former,and there are many, many other books on the subject. On method is to enable LDAP on the non-Windows side and then use LDAP tools (on the Windows or Linux side) to manage the users and passwords. You can also install Services for Unix (or whatever it is called depending on the version) and manage the whole thing from Windows. There are many other methods. All of them take a little work, and none of the solutions are perfect. For the most part you don't get things like Group Policy on the Linux side (unless you buy Novell's SUSE), but you can manage user accounts, passwords, and the like across environments. Plenty of caveats, but its easier than managing two different systems. Roger ***************************************************************** *Roger A. Grimes, InfoWorld, Security Columnist *CPA, CISSP, CISA, MCSE: Security (2000/2003), CEH, yada...yada... *email: roger_grimes () infoworld com or roger () banneretcs com *Author of Windows Vista Security: Securing Vista Against Malicious Attacks (Wiley) *http://www.amazon.com/Windows-Vista-Security-Securing-Malicious/dp/0470 101555 ***************************************************************** -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Dummy cerberus Sent: Wednesday, August 29, 2007 2:44 AM To: security-basics () securityfocus com Subject: Unix/Linux accounts integrated within AD? Hello, First of all, thank you very much for your help wit my question about GPOs and so on... your answers helped me a lot... Now I have the following question: I have found that my organization has several kind of OS installed on computers... most of them are W2K/W2K3 integrated within a W2K domain... Since admins have to remember lots of accounts/passwords for the W2K* servers, and the others with Linux, HP-UX, Solaris, etc... I have found that most of the passwords are too simple, and repeated all over the non-W2K* systems... I have tried with a password manager, but some times we lost a valuable time searching for the strong password for one system at the password manager software... Is there anyway to integrate the OS accounts of UNIX-like sysetms with an AD? Best regards
Current thread:
- Unix/Linux accounts integrated within AD? Dummy cerberus (Aug 29)
- RE: Unix/Linux accounts integrated within AD? Roger A. Grimes (Aug 30)
- Re: Unix/Linux accounts integrated within AD? Serguei A. Mokhov (Aug 30)
- Re: Unix/Linux accounts integrated within AD? Daniel Miessler (Aug 30)
- Re: Unix/Linux accounts integrated within AD? Nikhil Wagholikar (Aug 30)
- Re: Unix/Linux accounts integrated within AD? Steve Olive (Aug 30)
- Re: Unix/Linux accounts integrated within AD? Ali, Saqib (Aug 30)
- Re: Unix/Linux accounts integrated within AD? gjgowey (Aug 30)
- RE: Unix/Linux accounts integrated within AD? John Hammond (Aug 30)
- Re: Unix/Linux accounts integrated within AD? Ivan . (Aug 30)
- RE: Unix/Linux accounts integrated within AD? liran (Aug 31)
- <Possible follow-ups>
- Re: Unix/Linux accounts integrated within AD? shiva (Aug 30)
(Thread continues...)