Auth Services and Domain Trusts

Hi,

Looking for some help and advice.

I have a Active Directory that I administer and can install Auth Services into. Within this AD I have some admin users that need access to Redhat machines, all no problem with Auth Services. However, my question is this.

If the AD at the other end of the Trust has users that I need to "Unix Enable", so they can also access the RedHat machines using their AD accounts, is that possible?

Note - the other AD is managed by another company and I have no possibility of getting anything installed or changed other than a trust established.

Can anyone help/suggest if this is possible?

Thanks,

Steve

Parents
  • Hi Leigh,

    Thanks so much for the detailed answer. It has certainly helped me understand further. As you suspected, it has generated a few questions:

    * I've queried with the other AD admin if those properties could be set manually and if so, I'm assuming the Quest software will tell us what to populate into those field for each user. Is that correct? The ID fields I'm uncertain of as we'd need to ensure there was no clash.

    * A two way/one way trust is still to be confirmed. I suspect it'll be a one-way so that we trust them, but they don't trust us.

    Out of interest you mention caching of credentials, can that be disabled?

    Thanks,

    Steve

Reply
  • Hi Leigh,

    Thanks so much for the detailed answer. It has certainly helped me understand further. As you suspected, it has generated a few questions:

    * I've queried with the other AD admin if those properties could be set manually and if so, I'm assuming the Quest software will tell us what to populate into those field for each user. Is that correct? The ID fields I'm uncertain of as we'd need to ensure there was no clash.

    * A two way/one way trust is still to be confirmed. I suspect it'll be a one-way so that we trust them, but they don't trust us.

    Out of interest you mention caching of credentials, can that be disabled?

    Thanks,

    Steve

Children
No Data