| All Forums |
Register |
Login |
Search |
Subscriptions |
My Profile |
Inbox |
| Tool Warehouse |
FAQs |
Resources |
Help |
Member List |
Address Book |
Logout |
|
|
Active Directory Integration HP-UX 11
|
Logged in as: Guest |
| Users viewing this topic: none |
|
Login  |
|
|
 Active Directory Integration HP-UX 11 - Jun. 9, '04, 10:25:41 PM
|
|
|
tom.cadle
Posts: 4
Joined: Jun. 9, '04,
Status: offline
|
I am working on a project to integrate a Windows Server 2003-based Active Directory with HP-UX 11.
I understand that there is a schema modification necessary (or preferred) in order to make password synchronization seemless.
My problem is two-fold, for starters I am completely unfamiliar with SFU 3.5 AND to round it off, I am NOT a UNIX guy.
AHHHHHHH!
Thank you for your time and whatever assistance you can provide to this humble novice.
Regards.
< Message edited by Forum_Admin -- Jun. 29, '05, 11:11:18 PM >
|
|
|
|
 RE: Active Directory Integration - Jun. 10, '04, 12:43:50 AM
|
|
|
markfunk
Posts: 669
Joined: Mar. 31, '03,
Status: offline
|
you probably want to look at Vintella - http://www.vintella.com/
|
|
|
|
|
RE: Active Directory Integration - Jun. 10, '04, 7:53:59 AM
|
|
|
tom.cadle
Posts: 4
Joined: Jun. 9, '04,
Status: offline
|
Even Vintela uses the schema modification which is installed as part of SFU 3.5 (or so I'm told)
|
|
|
|
|
RE: Active Directory Integration - Jun. 10, '04, 11:31:19 AM
|
|
|
Rodney
Posts: 3695
Joined: Jul. 9, '02,
From: /Tools lab
Status: offline
|
The two are different. The Vintela product is more comprehensive than what
comes with SFU 3.5. Vintela has a free 60-day demo so you can give it a try.
On the Vintela FAQ page they have the entry:
How does VAS compare with SFU?
SFU includes a number of features, one of which, its ability to act as an NIS server, is another approach to achieve limited integration between Unix and Active Directory. See the document VAS and Microsoft Windows Services for UNIX compared.
(that's a link to http://www.vintela.com/products/vas/docs/VAS_SFU.pdf)
I think (and Mark may correct this later  ) that Mark was pointing to Vintela
because you're wanting to integrate with AD. SFU's sol'n is to manage the Unix/Linux
boxes with NIS for passwords. But that limits it's involvment with AD. The Vintela
product, called "VAS", uses LDAP and Kerberos to do the management. AD uses Kerberos.
Reading the above mention PDF may help you. You should learn some more about NIS at
even a broad/conceptual level so you can understand the comparisons. If you're working
with Unix machines to integrate them under AD you're going to have know what they do,
how and why.
Here's a link:
http://www.free-definition.com/Network-Information-Service.html
for you to read about NIS. It'll get you the basic definitions.
You should get some NIS reading material too. I can recommend
"Managing NFS and NIS", 2nd Edition, O'Reilly Books, by Hal Stern.
< Message edited by Rodney -- Jun. 10, '04, 11:32:31 AM >
|
|
|
|
|
RE: Active Directory Integration - Jun. 10, '04, 1:04:00 PM
|
|
|
NMDANGE
Posts: 23
Joined: Mar. 26, '04,
Status: offline
|
Samba 3 supports joining an Active Directory domain using Kerberos, though I don't know if it'd work on HP-UX.
|
|
|
|
|
RE: Active Directory Integration - Jun. 10, '04, 7:54:08 PM
|
|
|
tom.cadle
Posts: 4
Joined: Jun. 9, '04,
Status: offline
|
Thanks guys... I've got my reading list in tow, I appreciate the assist.
Regards.
|
|
|
|
|
RE: Active Directory Integration - Jun. 29, '04, 3:25:26 PM
|
|
|
hebele
Posts: 1
Joined: Jun. 29, '04,
Status: offline
|
test
|
|
|
|
|
RE: Active Directory Integration - Jul. 20, '04, 10:52:56 AM
|
|
|
HohenfelsJoe
Posts: 2
Joined: Jul. 20, '04,
Status: offline
|
Hello,
I am trying the same, working on a project to integrate a Windows Server 2003-based Active Directory with Red Hat AS 3.0, Have you had any luck? I have not tried Vintela, I am trying to use ldap, SFU 3.5 and Kerberos. Any insight you might have would be appreciated.
Thanks
|
|
|
|
|
RE: Active Directory Integration - Jul. 20, '04, 11:22:12 AM
|
|
|
tom.cadle
Posts: 4
Joined: Jun. 9, '04,
Status: offline
|
UNIX integration will be in the next phase of our migration.
I have not yet begun any testing, I made my post in hope of getting all the necessary information/tools together.
As soon as our testing is complete I will post my findings here.
Regards.
|
|
|
|
|
RE: Active Directory Integration - Jul. 20, '04, 9:12:56 PM
|
|
|
jasonzions
Posts: 1
Joined: Jul. 20, '04,
Status: offline
|
Microsoft released a pretty big guide on how to do this (make UNIX systems do authentication and authorization through AD). You can pick up the current version here.
Microsoft announced at TechEd US that the team which built that guide is revising it to explicitly support HP-UX 11 (i.e. they're going to test with HP-UX systems, include the exact commands to be issued there, etc.). The current guide, called "version 0.9", supports Solaris and RedHat; see the guide itself for the specific versions tested.
_____________________________
Jason Zions
Microsoft Corporation
Disclaimer: All information is provided as-is.
|
|
|
|
 RE: Active Directory Integration - Jul. 24, '04, 11:51:30 PM
|
|
|
HohenfelsJoe
Posts: 2
Joined: Jul. 20, '04,
Status: offline
|
Thanks! I will check it out and let you know what happens.
|
|
|
|
|
RE: Active Directory Integration - Jun. 21, '05, 10:42:25 AM
|
|
|
benmartins
Posts: 7
Joined: Apr. 28, '05,
Status: offline
|
I have been tasked with integrating Unix/Linux with Active Directory.I am considering using ldap,kerberos, and services for unix.There are no funds for commerical tools.The *nix servers does not use NIS but /etc/passwd for authentication,so I am wondering if only installing SFU on the AD which will change the schema on the AD will be the only thing that I need to do before AD sees the *nix servers as its client.
|
|
|
|
|
RE: Active Directory Integration - Jun. 21, '05, 10:59:43 AM
|
|
|
Rodney
Posts: 3695
Joined: Jul. 9, '02,
From: /Tools lab
Status: offline
|
In the post by jasonzions above he has a link to a Guide from MS
that you should read (or a least heavily skim) to get you a scope of what
can be done. The information is pretty detailed, so it's worth your time.
You need to have something running on the Unix servers that will communicate
to AD for password information. That can be done with the SSOD (aka password
synchronization) which is officially supported on a select number of Unix systems.
But the source for SSOD is with the SFU release so you can built it for others.
Note that SSOD will only do passwords, not other user information such as what
you get back from a getpwuid(2) call, that's more the realm of NIS (which SFU
will do as well). But you aren't using NIS, so this is likely not a concern.
Anyway, read the Guide from the link above. You may get some other ideas too.
< Message edited by Rodney -- Jun. 21, '05, 11:04:47 AM >
|
|
|
|
|
RE: Active Directory Integration HP-UX 11 - Aug. 3, '05, 4:27:59 AM
|
|
|
brian.read
Posts: 1
Joined: Aug. 3, '05,
Status: offline
|
quote:
ORIGINAL: tom.cadle
I am working on a project to integrate a Windows Server 2003-based Active Directory with HP-UX 11.
I understand that there is a schema modification necessary (or preferred) in order to make password synchronization seemless.
My problem is two-fold, for starters I am completely unfamiliar with SFU 3.5 AND to round it off, I am NOT a UNIX guy.
AHHHHHHH!
Thank you for your time and whatever assistance you can provide to this humble novice.
Regards.
I just read an article that referred to schema attribute changes to support Linux authentication. Its an old article but definately targets to your original post. May get you a little closer.
http://linuxmafia.com/faq/Security/active-directory.html
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
|
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
|
|
Printable Version
