OT - AD Admin - WAS: Rudimentary article on joining Linux to active directory
Dan Lund
situationalawareness at gmail.com
Fri Jul 27 00:25:13 MST 2007
Thank you for thw detailed explanation, I do really appreciate that!
I've learned something new today.
On 7/26/07, Bryan O'Neal <BONeal at cornerstonehome.com> wrote:
> Open AD Users and Computers, right click on the user, go to accounts,
> click the Log Onto button and select the allowed computers.
>
> Alternately you can restrict who can read and write to the computer in
> the computers properties security tab, however this is very heavy handed
> and restricts all access not just counsel level logins.
>
> Alternately you can move the computer to another container, such as the
> server container, and have a group policy that only certain people can
> log into computers in that container (Google active directory managing
> group policies, it gets tricky if you don't do it all the time) but
> this is the preferred method
>
> The KDC should not issue a certificate to a computer that it can not
> access.
>
> -----Original Message-----
> From: plug-discuss-bounces at lists.plug.phoenix.az.us
> [mailto:plug-discuss-bounces at lists.plug.phoenix.az.us] On Behalf Of Dan
> Lund
> Sent: Wednesday, July 25, 2007 9:05 PM
> To: Main PLUG discussion list
> Subject: Re: Rudimentary article on joining Linux to active directory
>
> You can do it under AD?
> I didn't realize that... what's the proper way?
> Forgive me, but it'd be nice to know this :)
>
> On 7/25/07, Bryan O'Neal <BONeal at cornerstonehome.com> wrote:
> > You restrict it using either the appropriate pam config, or two (the
> way
> > I do it) using windows active directory. I know, I am evil, I didn't
> > even try it under Linux, I went right to the authenticating server and
> > restricted it their using a nice windows gui that has worked for me
> for
> > so many years now... Sigh,
> >
> > Any one know a better answer?
> >
> >
> >
> > -----Original Message-----
> > From: plug-discuss-bounces at lists.plug.phoenix.az.us
> > [mailto:plug-discuss-bounces at lists.plug.phoenix.az.us] On Behalf Of
> Dan
> > Lund
> > Sent: Monday, July 23, 2007 9:07 AM
> > To: Main PLUG discussion list
> > Subject: Re: Rudimentary article on joining Linux to active directory
> >
> > Done this before, the one thing I want to know is how to make it so
> only
> >
> > a certain group or user can log in via the AD login information.
> >
> >
> > Bryan O'Neal wrote:
> > >
> > > This is clearly written from a windows users point of view, and is
> > > mildly simplistic, but it is not a bad article
> > >
> > >
> > >
> > >
> >
> http://searchwinit.techtarget.com/tip/0,289483,sid1_gci1264223,00.html?t
> > rack=NL-118&ad=596213&asrc=EM_NLN_1822926&uid=6232170
> > >
> >
> <http://searchwinit.techtarget.com/tip/0,289483,sid1_gci1264223,00.html?
> > track=NL-118&ad=596213&asrc=EM_NLN_1822926&uid=6232170>
> > >
> > >
> > >
> > >
> > >
> > > **Bryan O'Neal***
> > > Cornerstone Homes & Development, Inc.*
> > > 4220 E. McDowell Rd Ste. #108
> > > Mesa, AZ 85215
> > > (480) 505-1900
> > >
> > >
> > >
> > >
> >
> ------------------------------------------------------------------------
> > >
> > > ---------------------------------------------------
> > > PLUG-discuss mailing list - PLUG-discuss at lists.plug.phoenix.az.us
> > > To subscribe, unsubscribe, or to change your mail settings:
> > > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
> >
> > ---------------------------------------------------
> > PLUG-discuss mailing list - PLUG-discuss at lists.plug.phoenix.az.us
> > To subscribe, unsubscribe, or to change your mail settings:
> > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
> >
> > ---------------------------------------------------
> > PLUG-discuss mailing list - PLUG-discuss at lists.plug.phoenix.az.us
> > To subscribe, unsubscribe, or to change your mail settings:
> > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
> >
>
>
> --
> "Courage is like love; it must have hope to nourish it."
> -Napoleon Bonaparte
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss at lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss at lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>
--
"Courage is like love; it must have hope to nourish it."
-Napoleon Bonaparte
More information about the PLUG-discuss
mailing list