Don't use Active Directory.
It's an even more broken smoke & mirrors security than Domain
Controllers. I used to demonstrate how a Workstation with server tools
installed and simply an adminstrative account on the "system" could
access or change anything without Active Directory or joining a Domain
at all. Some people thing Domains or Active Directory adds some extra
magical security pixie dust, it doesn't, it's just methods of
centralised user account management. Lots of more Ubuntu friendly ways
of doing it.
In a small office or where people always only use same machine, you can
simply just create the same account on workstation and server and thus
have no centralised overhead. Oddly more secure too.
If you have a username & password, you are in. So real issue is
centralised user account management. Lots of ways to do that.
Frank Duignan wrote:
> Not done it but openldap is your man here I suspect
>> On 08/08/07, Brendan Kehoe <brendan at zen.org> wrote:
>>> I've got a friend who wants to replace the OS on most of the systems in
>> his office with Ubuntu. The thing that's blocking him is trying to make
>> it use Active Directory to do authentication for access to shared
>> volumes. Have any of you pulled off such a trick?
>> Irish Linux Users' Group mailing list
>> About this list : http://mail.linux.ie/mailman/listinfo/ilug>> Who we are : http://www.linux.ie/>> Where we are : http://www.linux.ie/map/>>>>
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!