Author Topic: Linux and FreeBSD clients  (Read 1269 times)

einarha

  • Zen Apprentice
  • *
  • Posts: 5
  • Karma: +1/-0
    • View Profile
Linux and FreeBSD clients
« on: January 07, 2020, 11:50:17 am »
Besides our Windows servers that connect to Zentyal with Active Directory, we also have
many FreeBSD and Linux servers that connect to Zentyal with basic LDAP (sssd and nslcd).

To get "true" unix behavior, with User Private Groups we create a group with the same name
as the user, and set that as the primary group of the user (using gidNumber, not primaryGroupID).

To do this with zentyal I have to use an external editor to edit the ldap attributes, because
a) Zentyal won't allow me to create a group with the same name as an existing user and
b) I can't change the gidNumber in Zentyal UI

I don't like having to manage users in two places (Zentyal UI and external ldap editor) and the
process seems overly complicated. Is there a way to achieve what I want using only the Zentyal
UI?

doncamilo

  • Zen Samurai
  • ****
  • Posts: 478
  • Karma: +165/-1
    • View Profile
Re: Linux and FreeBSD clients
« Reply #1 on: January 07, 2020, 03:34:01 pm »
 :)

I don't understand why do you need a domain security group for each one of the users. If you want to enable the domain users to work in the local server, enable the PAM module:



This way domain user can work in the local server:

Code: [Select]
root@zen61:~# groupadd bilbo
root@zen61:~# usermod -a -G bilbo LAB61\\bilbo


This way through ssh:

Code: [Select]
LAB61\bilbo@zen61:~$ whoami
LAB61\bilbo
LAB61\bilbo@zen61:~$ groups
LAB61\domain users bilbo BUILTIN\users

But this group 'bilbo' is useless in the domain ambiance and domain users should use shares managed by acl's through samba... I really don't understand your problem, I don't know if this will help you

Cheers!
- Do my pigeons bother you passing over your land?
- They block the sun!

G. Guareschi., Don Camillo.,

einarha

  • Zen Apprentice
  • *
  • Posts: 5
  • Karma: +1/-0
    • View Profile
Re: Linux and FreeBSD clients
« Reply #2 on: January 07, 2020, 09:31:28 pm »
Besides our Windows servers that connect to Zentyal with Active Directory, we also have
many FreeBSD and Linux servers that connect to Zentyal with basic LDAP (sssd and nslcd).

I mean that the Linux and Freebsd servers use zentyal for central authentication when users connect to them.