[gpfsug-discuss] Integration with Active Directory
Simon Thompson (Research Computing - IT Services)
S.J.Thompson at bham.ac.uk
Fri Feb 26 10:12:21 GMT 2016
In theory you can do this with LDS ...
My solution though is to run LDAP server (with replication) across the CTDB server nodes. Each node then points to itself and the other CTDB servers for the SMB config.
We populate it with users and groups, names copied in from AD. Its a bit of a fudge to make it work, and we found for auxiliary groups that winbind wasn't doing quite what it should, so have to have the SIDs populated in the local LDAP server config.
Simon
From: <gpfsug-discuss-bounces at spectrumscale.org<mailto:gpfsug-discuss-bounces at spectrumscale.org>> on behalf of "Longworth, Gethyn" <Gethyn.Longworth at Rolls-Royce.com<mailto:Gethyn.Longworth at Rolls-Royce.com>>
Reply-To: "gpfsug-discuss at spectrumscale.org<mailto:gpfsug-discuss at spectrumscale.org>" <gpfsug-discuss at spectrumscale.org<mailto:gpfsug-discuss at spectrumscale.org>>
Date: Friday, 26 February 2016 at 09:04
To: "gpfsug-discuss at spectrumscale.org<mailto:gpfsug-discuss at spectrumscale.org>" <gpfsug-discuss at spectrumscale.org<mailto:gpfsug-discuss at spectrumscale.org>>
Subject: Re: [gpfsug-discuss] Integration with Active Directory
Has anyone done an ldap set up where they are effectively adding extra user info (like uids / gids / samba info) to existing AD users without messing with the original AD?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://gpfsug.org/pipermail/gpfsug-discuss_gpfsug.org/attachments/20160226/9e0b4ee5/attachment.htm>
More information about the gpfsug-discuss
mailing list