Somehow I had never come across Likewise-Open, but basically it takes care of all of the fiddly bits of adding a *nix machine to Active Directory. That is correct! No more do you have to mess with NTP, Kerberos, Samba, and Winbind! Huzzah! Finally, someone wrapped all of that crap up!
In the article, the poster (who is unnamed, otherwise I'd use his name) noted that he was unable to ssh using domain credentials, but could log in locally. I found this to be true initially, but it appears that he may have been suffering at the hands of syntax. I was able to get ssh to work from a *nix host using any of these syntaxes:
ssh 'domain\user'@sshserver
or
ssh "domain\user"@sshserver
or
ssh domain\\user@sshserver
As we're a Windows shop, I'm using mRemoteNG as a connection manager, and it wraps the username in double quotes automatically, so simply domain\user works there.
As this is an Ubuntu server (I'm moving to 12.04 Precise Pangolin), I prefer to keep to the sudo mentality, so I've added this line to my /etc/sudoers:
%ernstinfo\\domain^admins ALL=(ALL) ALL
This could be done better in terms of granularity, but that's a yak for another day...
-Waldo
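Why the three ssh forms above all work, as an added example that is not part of the original post: the script re-parses each form with the shell's own quoting rules and prints the argument ssh would actually receive. The fourth, unquoted form (domain\user with a single backslash) is an assumption about the kind of syntax that fails; the function names are hypothetical.

```shell
#!/bin/sh
# Added illustration. Sample strings are constructed: the first three are
# the forms from the post, the last (bare domain\user) is an assumed
# failing form included for contrast.

# Print the single argument the shell would hand to ssh for the text
# typed after "ssh ".
ssh_arg() {
    # eval re-parses the text with normal shell quoting rules. Only call
    # this with the fixed sample strings below, never with untrusted input.
    eval "set -- $1"
    printf '%s\n' "$1"
}

# Succeed if the login part still carries the domain\user separator.
keeps_backslash() {
    case "$(ssh_arg "$1")" in
        *\\*@*) return 0 ;;
        *)      return 1 ;;
    esac
}

# One line per form: what was typed, what ssh sees, and the verdict.
report() {
    if keeps_backslash "$1"; then state=ok; else state=MANGLED; fi
    printf '%-26s -> %-24s %s\n' "$1" "$(ssh_arg "$1")" "$state"
}

report "'domain\\user'@sshserver"   # single-quoted: backslash is literal
report '"domain\user"@sshserver'    # double-quoted: \u is left untouched
report 'domain\\user@sshserver'     # unquoted: \\ collapses to one backslash
report 'domain\user@sshserver'      # unquoted: \u collapses to plain u
```

In the last case the shell removes the backslash before ssh ever runs, so the server is asked for a user called domainuser rather than the domain account.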
Another point of note: if you don't want to keep typing in the domain everywhere and worrying about escaping backslashes, you can set up Likewise/PowerBroker (new name) to use a domain by default. It's very handy. :)