 |
 |
OS X, NT/2K, LDAP
|
|
|
|
|
Mac Elite
Join Date: Sep 2000
Location: Canada
Status:
Offline
|
|
Out of some miracle, I have convinced my boss to buy an OS X server. However, now the hard part: I need a way for user and group info on both the OS X server and two NT servers to sync. I know both OSes can use an LDAP server, but I have no idea how to implement such a plan.
I want to keep the solution simple. I will be able to grab an x86 box to use as an LDAP server if needed. If there is a way for the two OSes to sync user and group info without the use of another server, that would be great. However, I think this is highly unlikely.
Some background: Currently, there are two NT servers in place, both running version 4, SP 6. One server is for students (roughly 700), while the second is for staff (roughly 40). If needed, I should be able to get W2K installed on the servers. Network traffic is not a problem; a gigabit backbone with 10/100 switches should be in place this summer.
A related question: does NT/2K do AFP? I would most likely need to set up some home directories on the NT servers. Will "afp://labnt/students/studentname" work for a user's home directory in OS X?
If you haven't noticed, I work at a school. If Apple's education market share isn't motivation enough to help, I don't know what is...
|
|
|
| |
|
|
|
|
|
|
|
Grizzled Veteran
Join Date: Oct 2000
Location: Vancouver
Status:
Offline
|
|
This is the same boat I am in... OSX can authenticate from an LDAP server, but Win2k will not. Win2k uses Kerberos for user Authentication. So from what I can tell, you will have to maintain your users on the Win2k system and it set up as an LDAP server for the OSX system to authenticate from.
If Im wrong in any of this some one please let me know...
I was hoping that OSX would also be able to act as an LDAP server... it wouldnt help with the Win2k authenticating, but I run some other services that can use LDAP, and it would save me having to maintain to many user databases...
I was also reading on stepwise that OSX's Directory Services is built as a plug in arcitecture so that third part developers can make diferent authentication moduals... Right now we had Netinfo and LDAP, but they (Apple) said thet there where third party opertinitios for Kerberos and Active Directory. MIT is currently working with Apple to impliment Kerberos, but I havent heard of anyone working on Active Directory.
But for me, I would like to maintain my users on the OSX system, so Authentication moduals are great and all, but it would be better to be able to server LDAP, Kerberos, and Active Directory...
Only time (and testing) will tell...
(If I have any of this wrong, please let me know!!)
|
|
|
| |
|
|
|
|
|
|
|
| |
|
|
|
 
|
|
|
Forum Rules
|
|
|
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
|
HTML code is Off
|
|
|
|
|
|
|
|
|
|
|
|
|
Top
