What is the matching of Active Directory on Linux
I have a number of equipments in the house (plus a variety of Linux boxes running in VMs) and also I am intending to make use of among them as a central file server.
Given that I am extra a Linux customer as opposed to a sysadmin, I would certainly such as to recognize what is the matching of, allow's claim "Active Directory"? My purpose is to have my documents in any one of the equipments that I logon in my network.
If you're actually simply attempting to share documents from one web server to a couple of various other equipments, you might simply intend to make use of something less complex like Samba (specifically if you're interoperating with some Windows customers) or NFS shares.
I have actually attempted OpenLDAP and also Samba 3.x and also both will not offer you the central verification that you are seeking. As wzzrd claimed, Samba 4.x possibly will offer you that. Samba 3.x domain name controller is extra like a workgroup alternative. You still require to create customers in Unix/Samba along with Windows and afterwards map them. Ultimately I got rid of OpenLDAP and also usage just Samba currently.
You either construct your very own Active Directory - matching from Kerberos and also OpenLDAP (Active Directory primarily is Kerberos and also LDAP, anyhow) and also make use of a device like Puppet (or OpenLDAP itself) for something appearing like plans, or you make use of FreeIPA as an incorporated remedy.
There's additionally a variety of readily sustained LDAP web servers for Linux, like Red Hat Directory Server. RHDS (like 389 Server, which is the free variation of RHDS) has a wonderful Java GUI for monitoring of the directory site. It does neither Kerberos neither plans though.
Directly, I actually like the FreeIPA task and also I assume it has a great deal of possibility. A readily sustained variation of FreeIPA is consisted of in typical RHEL6 registrations, I think.
That claimed, what your are inquiring about is extra like a fileserver remedy than a verification remedy (which is what ADVERTISEMENT is). If you desire your files on all equipments you log right into, you need to set up an NFS server and also export an NFS share from your fileserver to your network. NFSv3 has IP - array based ACL's, NFSv4 would certainly have the ability to do correct verification with Kerberos and also incorporates perfectly with the verification alternatives I defined over.
If you have Windows boxes on your network, you will certainly intend to arrangement a Samba server, which can share out your files to Linux and also Windows boxes alike. Samba3 can additionally function as an NT4 design domain name controller, whereas Samba4 has the ability to resemble a Windows 2003 design domain name controller.
If you simply desire centralised verification, consider NIS or NIS+ (previously called yellow web pages which is why all the commands begin with 'yp').
Configure your major web server as the master NIS web server, after that set up all the various other boxes to make use of NIS to confirm customers.
The wikipedia web page for NIS is below : http://en.wikipedia.org/wiki/Network_Information_Service and also the Linux NIS Howto is below : http://www.tldp.org/HOWTO/NIS-HOWTO/
For a standard residence network NIS will certainly be great. If you require even more control over which customers can see which web servers you'll require to make use of NIS+