Authentication services in Ubuntu

David Burke dmbst32 at gmail.com
Tue Jun 4 18:39:50 UTC 2013 

On Tue, Jun 4, 2013 at 10:21 AM, Bolesław Tokarski <
boleslaw.tokarski at tieto.com> wrote:

> On 06/03/2013 09:06 PM, Timo Aaltonen wrote:
>
>> We could also do some investigations on realmd from Fedora/RedHat which
>>> is their tool for joining a Directory service. I believe it's not just
>>> for MS AD. Realmd has not been packaged for .deb yet, I believe. And I
>>> am not sure how RedHat-specific it is.
>>>
>> It's on raring & saucy at least (0.12-0ubuntu1), but not on Debian.
>>
>
> Hey. I am just testing realmd on raring&saucy. Somebody did a good job
> creating it (hail to RedHat) and packaging it for Ubuntu (hail Sebastien
> Bacher). Now it seems for MS AD it also required adcli, which is not
> packaged... I reported it as LP #1187409. I will try to work around it for
> now to see how far can I go with it.
>
> Cheers,
> Ballock
>
>
> --
> Ubuntu-devel-discuss mailing list
> Ubuntu-devel-discuss at lists.**ubuntu.com<Ubuntu-devel-discuss at lists.ubuntu.com>
> Modify settings or unsubscribe at: https://lists.ubuntu.com/**
> mailman/listinfo/ubuntu-devel-**discuss<https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss>
>

I wanted to add my struggles with Ubuntu authentication running clients at
schools. Sorry to reply so far down the thread, I just joined this list.

Initial log-in issues. Described in my
blog<http://davidmburke.com/2012/04/26/ubuntu-12-04-deployment-with-active-directory/>.
In short, first log-in in Ubuntu can fail if networking is not up. My
work-around (pingtest) is not ideal because if credentials are cached then
it's wasting time. It should be handled by pam. I think the ideal logic
should be:
- Attempt log in (local, cached credentials, etc)
- If failed AND some network auth is present AND networking is not settled:
    - display a friendly message with cancel button "Waiting for network
connection"
    - wait until networking succeeds or fails in connecting
I can reproduce this behavior with many machines at different schools.

Folder redirection and friendlier mounts. As
discussed<https://lists.launchpad.net/enterprise-ubuntu/msg00077.html>.
 In short I don't have a reliable way to mount shares if the user logs in
without networking (via cached credentials). gvfs has limitations that make
it a blocking issue for me.

Zentyal is claiming desktop support on their next version. It will be
interesting to see how they do it.

Best,
David Burke
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-devel-discuss/attachments/20130604/4805b7c9/attachment.html>

More information about the Ubuntu-devel-discuss mailing list