Hello,

Before I go off on the wrong track could somebody please confirm that I can use winbind on Linux to authenticate Baan/Linux users to Windows AD.

My set-up -

OS = Red Hat 4.0 ES
Baan = 4c4 SP20
Client OS = Windows XP

Currently for every Baan user we have a Linux OS user. What I want to acheive is that Baan users will authenticate against their Windows AD account when logging in to Baan. Thus centralising user management including password control.

I should admit now that I'm new to Linux.

I have been reading about SAMBA and winbind and on paper it looks as if these will give me the solution I'm after. However, what you read on paper can sometimes be different in the real world!

I still want to make sure that Baan access is only limited to certain users and only access to the Baan application is permissible, no telnet, ssh, sftp or anything else.

Am I looking in the right direction for my solution? If not could somebody please give me some ideas. Should I be using LDAP instead?

Thanks in advance.

PJ

Hi PJ,

I tried this long time ago using Samba on a HP-Ux Box. The keyword here is PAM (Pluggabel Authentication Module). And yes it was possible to authenticate against the AD login. I assume it works also on Linux.

Basically, it makes your windows user appear like unix users. But then you do need to takle extra care to avoid them being able to login also via ftp, ssh, telnet etc. But it can be done and would also be the case, if you create the users locally.

Markus

Hello,

I managed to get Baan users logging in with their Windows AD accounts but in the process I've broken a Samba share that we had running prior to implementing winbind.

I've tried posting on a couple of Linux forums but you just don't get the response that you do from baanboard.

I've attached my problem just in case anybody can help me.

Thanks

PJ