LDAP authentication: Windows Server 2k3 vs. 2k8
Posted by wolfgangsz on Server Fault
Published on 2010-11-04T14:06:58Z
We have around 70% Linux users, all of whom are configured to authenticate against Active Directory through LDAP. In order for this to work, we used the "Windows Services for Unix" under Windows Server 2003, and it all works fine.
We are now at a point where the server running this contraption is getting a bit tired and will be replaced with a newer machine, running Windows Server 2008 (where the relevant services such as user name mapping and password changes, etc., are integrated with the OS).
And here's the rub: if a new user is configured through the Win2k3 server, then it all works fine. If the same thing is done through the Win2k8 server, then:
- The ADS plugin on the 2k3 server does not recognize it and behaves as if the UNIX attributes were never set.
- The user cannot authenticate against ADS using LDAP.
Has anybody encountered this problem? If so, how did you overcome this?
If you need any additional information to provide further help, just ask and I shall provide it.
© Server Fault or respective owner