9. Authentication on workstations

9. Authentication on workstations
Prev	Chapter 6. Mandriva Directory Server	Next

When Samba is installed on Mandriva Enterprise Server 5, it is possible to login on workstations by authenticating on domain using LDAP, either on Windows^® or Linux.

For this, it is required that:

the workstation has joined the Samba domain;
user accounts have Samba access rights (for Windows^® clients only).

9.1. Windows^® clients

	Warning
	For Windows^® 7 (Seven) workstations, it is necessary to perform prior actions. Some Windows^® registry settings must indeed be changed - cf. http://wiki.samba.org/index.php/Windows7:

HKLM\System\CCS\Services\LanmanWorkstation\Parameters
DWORD  DomainCompatibilityMode = 1
DWORD  DNSNameResolutionRequired = 0

To join a Windows^® workstation to a Samba domain, you have to access Systems Properties. For example, right-click on Computer then Properties.

Figure 6.32. Join Windows^® to a Samba domain: 1

Go to the Computeur Name tab and click on the Change... button.

Figure 6.33. Join Windows^® to a Samba domain: 2

Fill the domain name and confirm by clicking on the OK button.

Figure 6.34. Join Windows^® to a Samba domain: 3

An authentication window appears. Fill then the administrator account that is allowed to join the Samba domain and press the OK button.

	Note
	This account correspond to a domain Administrator account created in the Mandriva Management Console.

Figure 6.35. Join Windows^® to a Samba domain: 4

This operation may take some time. A new window should appear telling you that you have joined the domain (Mandriva in this example).

Figure 6.36. Join Windows^® to a Samba domain: 5

You must now reboot the workstation. The Windows^® authentication page should offer the domain choice (Mandriva in this example). Log in with a domain User account (user1 in this example).

Figure 6.37. Login in a Samba domain under Windows^®

9.2. Mandriva workstation

The authentication method used on GNU/Linux will directly be LDAP.

	Warning
	For this authentication method, it is necessary to open 389 TCP port in the Mandriva Directory Server server.

To configure the Mandriva Linux workstation, use the tool Configure your Computer from the menu. Once in the tool, go to the System tab, then click on Authentication as shown in the screenshot below.

Figure 6.38. LDAP Authentication in Mandriva: 1

Chose the authentication method, ie LDAP.

Figure 6.39. LDAP Authentication in Mandriva: 2

In the next window, fill the LDAP server in the right field, ie FQDN name (in preference) or the Mandriva Directory Server IP address.

Click then on Fetch base Dn, the Root DN field should automatically fill with the suffix of your LDAP directory. Finally, click on OK button.

Figure 6.40. LDAP Authentication in Mandriva: 3

	Tip
To view the domain accounts, you can run the following command in a console : # getent passwd

Tip

To view the domain accounts, you can run the following command in a console :

# getent passwd

Prev	Up	Next
8. LDAP password policy module	Home	Chapter 7. Middleware Stacks