Peter's Blog

Redefining the Impossible

Validating users

Submitted by Peter on Wed Jan 11 2006 11:15 over 2 years ago

For a long time now I have been contemplating how to validate users on a linux box against a Windows 2000 Active Directory domain. What I mean is, how to use the user names and passwords from the Windows server, without having to set up a duplicate password database on the linux box? I had been under the impression that this meant setting up a linux ldap server and migrating everything to that (as the Windows 2000 version of ldap is deliberately non-interoperable).

Been into it again today and discovered that from python it is actually very easy to validate via python samba support:

import samba.winbind

try:
    if samba.winbind.auth_plaintext( 'Domain\\%s' % strUser, strPassword) != 0:
       raise 'login failed'
except(samba.winbind.error):
    raise 'login failed'

Samba finds the domain controller and validates the user name and password. What could be easier?

This is fine for intranet activities but if you want users logging into your linux box you have to go the ldap route to give them unix groups, login shells etc. Good luck with that.

Filed under: linux python

Anonymous Says:

Wed Jul 26 2006 06:46 over 2 years ago

Or, instead of LDAP you could just use PAM and winbind: http url-> quark.humbug.org.au/publications/notes/winbind.txt

Since using LDAP requires use of PAM anyway.

Peter Says:

Tue Oct 10 2006 09:53 over 2 years ago

This looks like a useful tip for more advanced stuff. My simple verification has been working quite nicely though. When people cannot log in it is invariable because their Active Directory accounts have been locked out due to finger trouble. The authentication mechanism has not failed thus far (and I hereby consider fate tempted).

Peter

Have Your Say

I welcome constructive comments or questions but I reserve the right to delete any comments that displease me.

Recent blog posts

Twitterings

Whole day of people visiting to see baby. Tired of making tea.

Sat Jan 03 2009 21:11 3 days ago

Add a comment

Still taking things easy after flu/baby. Turned a computer on! Spent time deleting old crap from laptop while watching superman returns.

Fri Jan 02 2009 22:20 4 days ago

Add a comment

Not tweeted for a few days. Having flu while wife was having baby is quite tiring. Mary-Ester was 9lbs. http://twitpic.com/yndh

Thu Jan 01 2009 11:13 5 days ago

Add a comment

My server hasn't crashed since I re-images it. Touch wood.

Fri Dec 26 2008 19:47 11 days ago

Add a comment

Back to video editing and an afternoon with Sony vegas. Still impressed. It may get sluggish with hour long clips but still no crashes.

Fri Dec 26 2008 19:45 11 days ago

Add a comment

It sure would be cool if the search box in iphone safari opened the google optimised for mobiles (http://bit.ly/6fzl) rather than regular.

Fri Dec 26 2008 09:05 11 days ago

Add a comment

Need at least one tweet even on Christmas day. Belly full, done little. Watched two Schwarzenegger comedies, not a classic Xmas tv year.

Thu Dec 25 2008 21:42 12 days ago

Add a comment

Idea dump: USB missile launcher as camcorder mount. Oh and merry Xmas in 4 minutes time.

Wed Dec 24 2008 23:56 12 days ago

Add a comment

Tell a lie, blender didn't crash but then again couldn't figure out how to use the video editing. Already compositing in vegas without RTFM

Wed Dec 24 2008 21:11 13 days ago

Add a comment

Kinda sad to me that every OSS video editor I tried crashed sooner or later. The commercial ones I tried haven't. Yet.

Wed Dec 24 2008 20:58 13 days ago

Add a comment

I'm officially blown away by vegas studio platinum. Definitely worth booting windows for. Adobe premiere seems dumbed down.

Wed Dec 24 2008 18:05 13 days ago

Add a comment

Sitting in Chinese all-you-can-eat with a full belly. This afternoon either playing with video editors or sleeping. It's a hard life.

Wed Dec 24 2008 13:15 13 days ago

Add a comment

Back into video editing and where has Sony vegas been all my life? Could live with windows this. Do I want a root kit though?

Tue Dec 23 2008 22:51 14 days ago

Add a comment

So if I get this right it's now ruby on merb on rails? Or does rack go in the middle somewhere. Must find a place for cucumber slices.

Tue Dec 23 2008 21:22 14 days ago

Add a comment

Daughter victoria has her first Xmas present: a bookmark to the Disney web site. She's into mickey mouse. Dora is on the way out.

Tue Dec 23 2008 20:10 14 days ago

Add a comment

Peter's Moblog

Peter's Blog

Validating users

Validating users

Have Your Say

Recent blog posts

Twitterings

Stuff