I'm still a newbie to Linux administration and I'm used to the
Novell/MS way of doing things, so I'm not sure about the right
terminology to use here. Let me describe what I want to do.

With Windows XP Professional/2000/NT, a user needs a local account on
a machine to log on to the computer. However, if the computer is
networked, the user can authenticate against the Active Directory
server and have a local account automatically created. New users can
be added once on the server and the account can then log in to all
client computers that point to the correct domain.

If I have a Linux box, I have to create the account locally for the
user to log in. I used Red Hat 9, told it to use Kerberos as its
authentication source and correctly pointed it at our university's
Kerberos servers. But in order to let a user log in on the machine, I
still had to type "useradd mynewuser" at the command prompt on the
machine. If a user, say a student, can log in to any one of 50
different lab machines, I have to add that user to /etc/passwd on each
of those 50 machines. I know there are ways to script and cron this
so it happens automatically, but the other way just seems so much

What I'd like to be able to do is tell the Linux box that any user
from a specific organizational unit in the Active Directory tree (or
any units under it) can log in on the box. Failing that, just that
any person authenticated by the university's Active Directory
domain/Kerberos servers can log in.

If this were a pure Linux environment, I assume I could just link
/etc/passwd and /etc/shadow to a networked share and then have 1 point
for all the computers or something similar.

Can anyone help me out or point me to some good man or how-to pages?