Likewise Open
Summary
Likewise Open joins Linux machines to Microsoft Active Directory and securely authenticates users with their domain credentials.
Owner
- Name: Scott Salley
- Email: ssalley@likewise.com
Current status
- Targeted release: Fedora 41
- Last updated: March 1, 2010
- Percentage of completion: 90%
Detailed Description
After joining to Active Directory, users will be able to log in with their domain credentials.
Benefit to Fedora
The addition of Likewise Open will allow Fedora into environments where computers and users must be managed by Active Directory, namely large corporations dominated by MS Windows.
Scope
- Get changes into SELinux
- OpenLDAP version is appropriate
- Kerberos version is appropriate
How To Test
A misconfigured authentication system can prevent all logins! Initial testing should be done with a system you don't care about or through a VM.
- Join you machine to Active Directory through either the command line or GUI interface.
- domainjoin-cli join DOMAIN.COM DOMAIN\\username <enter domain password at prompt.>
- domainjoin-gui
- Attempt logging in as a domain user.
- ssh by DOMAIN\\username@localhost
The number of 'whacks' between DOMAIN and username varies depending on if the 'whack' is an escape character.
All programs should behave normally once you are logged in.
User Experience
Login screens and prompts will appear the same as usual but Active Directory credentials will accepted.
Dependencies
No other packages are dependent on Likewise Open.
Likewise Open is dependent on
- OpenLdap
- Kerberos
- SELinux
Contingency Plan
Likewise Open is not a necessary part of the distribution and nothing (but my ego) will be harmed if it is not included.
Documentation
- Likewise Open <http://www.likewise.com/resources/documentation_library/>
Release Notes
- Likewise Open provides a means to authenticate with Microsoft's Active Directory.