Anyone use centrify for this kind of thing? Sent via BlackBerry from T-Mobile -----Original Message----- From: Erik Anderson <erikerik at gmail.com> Sender: tclug-list-bounces at mn-linux.org Date: Mon, 7 Feb 2011 17:48:35 To: TCLUG Mailing List<tclug-list at mn-linux.org> Reply-To: TCLUG Mailing List <tclug-list at mn-linux.org> Subject: Re: [tclug-list] kerberos install On Mon, Feb 7, 2011 at 2:53 PM, Raymond Norton <admin at lctn.org> wrote: > Couldn't get things working on the box I was on. In my research I found > likewise-open, installed and configured on my laptop and was able to join > the domain. Just curious if there is a reason not to go that route? Last summer I completed a large project at $WORK, getting all of our linux hosts to use AD for authentication and authorization. I evaluated Likewise, but (for reasons stated below) chose to go with a "standard" LDAP/Kerberos setup. Likewise is a decent solution for simple AD domains, but if you do any amount of automation in your AD environment, it's a disaster. Likewise creates a bunch of hidden LDAP objects which is uses to store its data instead of using the standard RFC2307 attributes on the target objects. This makes it a *lot* more complicated to maintain programmatically than it needs to be. I'd be glad to share more information with you on this if you'd like, either on or off-list. -Erik _______________________________________________ TCLUG Mailing List - Minneapolis/St. Paul, Minnesota tclug-list at mn-linux.org http://mailman.mn-linux.org/mailman/listinfo/tclug-list