Configuring Linux to Authenticate to Active Directory using Winbind

Under Linux, you can use winbind from the Samba suite of tools to authenticate against Windows Active Directory. Refer to "Setup CentOS to authenticate via Active Directory" for how to set up CentOS to authenticate to Active Directory. Windows uses Kerberos to perform authentication, so you'll need to set that up. The above link talks about running authconfig with lots of parameters to set it all up. That may be a better way in the end, but I got it working starting with authconfig then tweaking. Here are my resultant files that seem to work. Later I might figure out how to do it with authconfig.

  1. First you'll need some software if it was not previously installed. The following installs all you need for CentOS (Ubuntu still needs to be investigated for the corresponding apt-get installation):

    Install software

    $ yum -y install authconfig krb5-workstation pam_krb5 samba-common

  2. Edit /etc/krb5.conf to look like:

    /etc/krb5.conf (Audience)

    [libdefaults]
    default_realm = AUDIENCE.LOCAL
    dns_lookup_realm = true
    dns_lookup_kdc = true
    ticket_lifetime = 24h
    renew_lifetime = 7d
    forwardable = true

    [realms]
    # Section name must match default_realm exactly; realm names are case-sensitive.
    AUDIENCE.LOCAL = {
      kdc = dc1.audience.local
      admin_server = dc1.audience.local
    }

    /etc/krb5.conf (Knowles)

    [libdefaults]
    default_realm = KNOWLES.COM
    dns_lookup_realm = true
    dns_lookup_kdc = true
    ticket_lifetime = 24h
    renew_lifetime = 7d
    forwardable = true

    [realms]
    # Section name must match default_realm exactly; realm names are case-sensitive.
    KNOWLES.COM = {
      kdc = dc1.knowles.com
      admin_server = dc1.knowles.com
    }
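
An added example, not part of the original post: a small Python check for two krb5.conf mistakes that libkrb5 accepts without a parse error, a misspelled [libdefaults] key (which is simply ignored) and a [realms] section name that does not match default_realm (realm names are case-sensitive). The EXAMPLE.TEST realm, the sample file and the function names are constructed for illustration.

```python
import re

# Subset of real MIT krb5 [libdefaults] relations; extend for your site.
KNOWN = {"default_realm", "dns_lookup_realm", "dns_lookup_kdc", "ticket_lifetime",
         "renew_lifetime", "forwardable", "rdns", "clockskew", "default_ccache_name"}

# Constructed sample: one misspelled key and a lowercase [realms] section name.
SAMPLE = """[libdefaults]
default_realm = EXAMPLE.TEST
ns_lookup_realm = true
[realms]
example.test = {
  kdc = dc1.example.test
}
"""

def parse_krb5(text):
    """Return (libdefaults dict, {realm: {key: [values]}}); other lines are skipped."""
    libdefaults, realms, section, realm = {}, {}, None, None
    for line in map(str.strip, text.splitlines()):
        if m := re.fullmatch(r"\[(\w+)\]", line):
            section, realm = m.group(1), None
        elif m := re.fullmatch(r"([\w.-]+)\s*=\s*(.*)", line):
            key, value = m.groups()
            if section == "realms" and value == "{":
                realm = key
                realms[realm] = {}
            elif section == "realms" and realm is not None:
                realms[realm].setdefault(key, []).append(value)
            elif section == "libdefaults":
                libdefaults[key] = value
    return libdefaults, realms

def lint_krb5(text):
    """Return findings for mistakes libkrb5 accepts without a parse error."""
    libdefaults, realms = parse_krb5(text)
    findings = [f"unknown [libdefaults] key '{k}' (possible typo)"
                for k in libdefaults if k not in KNOWN]
    default = libdefaults.get("default_realm")
    if default is None:
        findings.append("default_realm is not set")
    elif default not in realms:
        near = [r for r in realms if r.lower() == default.lower()]
        hint = f"; '{near[0]}' differs only in case" if near else ""
        findings.append(f"no [realms] entry named '{default}'{hint}")
    return findings

if __name__ == "__main__":
    print("\n".join(lint_krb5(SAMPLE)))
```

To check a real file, pass its contents to lint_krb5(), for example the text read from /etc/krb5.conf.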