What's the better user authentication server for hibrid envs Win/Linux?

Hi,

I'm the system admin for a university, and the actual user server
is Windows 2000 Server + Active Directory. Now, I have clients
Win NT 4 Workstation, Win 2000, Win XP and Linux (Conectiva and
Fedora distributions).

Then, I'd like to change Windows 2000 Server to Linux Server.
What's the better solution for user server?

1st) Linux Samba: I think it's better for Windows clients, but
for Linux clients I didn't see an easy way for these to connect
to Linux Server Samba. I'd like that the user login window would
try to connect directly into server, not locally, and to map the
network user home dir automatically to local /home/<user> dir.

2nd) A hibrid system, with Linux Samba Server for Windows clients
and a NIS/NFS ou LDAP Server for Linux clients. Is this solution
possible? Is it so integrated between client and servers?

3rd) Is there some other solution to solve this? And a solution
with only a single user server, not many server applications?

Edilmar Alves wrote:
> Hi,
>
> I'm the system admin for a university, and the actual user server
> is Windows 2000 Server + Active Directory. Now, I have clients
> Win NT 4 Workstation, Win 2000, Win XP and Linux (Conectiva and
> Fedora distributions).
>
> Then, I'd like to change Windows 2000 Server to Linux Server.
> What's the better solution for user server?
>
> 1st) Linux Samba: I think it's better for Windows clients, but
> for Linux clients I didn't see an easy way for these to connect
> to Linux Server Samba. I'd like that the user login window would
> try to connect directly into server, not locally, and to map the
> network user home dir automatically to local /home/<user> dir.

Linux clients can authenticate to either Samba or NT password server.
Look into pam_winbind.so. You just stick that module in whatever place
you need (xdm, login, etc) on linux clients and enjoy. You will have
to run winbind on Linux clients.
http://www.samba.org/samba/docs/man/pam.html

You can also use LDAP for UNIX auth info, separate Samba passwords db,
but syncronize the two using "passwd chat" - in smb.conf and pam_ldap.so
in pam configuration module for passwd on *samba server*.

Network user home dir can be done in several ways. Simplest is to
export home dirs tree over NFS and SMB, and use NFS for Unix cliuents
and SMB for Windows. NFS is not very secure though.

You can also use pam_mount. Just remember that authentication tokens
are destroyed after auth stack. You will have to stick pam_mount into
auth stack. Wih pam_mount you mount only authenticated user`s
directories. pam_mount page has some good examples.
http://www.flyn.org/projects/pam_mount/

If you need more help, just holler to this thread again.

Andrey Asadchev <(E-Mail Removed)> wrote
news:c5n7hg$3jca7$(E-Mail Removed):
> I'm the system admin for a university, and the actual user server
> is Windows 2000 Server + Active Directory. Now, I have clients
> Win NT 4 Workstation, Win 2000, Win XP and Linux (Conectiva and
> Fedora distributions).
>
> Then, I'd like to change Windows 2000 Server to Linux Server.
> What's the better solution for user server?
>
> 1st) Linux Samba: I think it's better for Windows clients, but
> for Linux clients I didn't see an easy way for these to connect
> to Linux Server Samba. I'd like that the user login window would
> try to connect directly into server, not locally, and to map the
> network user home dir automatically to local /home/<user> dir.

Linux can easyly mount SAMBA/Windows share (SMBFS: samba filesystem), using
smbmount command.

> 2nd) A hibrid system, with Linux Samba Server for Windows clients
> and a NIS/NFS ou LDAP Server for Linux clients. Is this solution
> possible? Is it so integrated between client and servers?

Windows station : use SAMBA SAM support or SAMBA domain controller support
Linux station : use PAM module to access the SAMBA SAM database, or an LDAP
server (on Linux)

Regards