Spring Security: Active Directory setup


Kerberos vs NTLM:

linux 加入 domain 的四種方法

Kerberos plus LDAP – This is a lower-level option where you set up Linux to use Active Directory’s underlying protocols yourself.
Samba – Samba is the defacto standard for joining a Linux machine to a Windows domain.
Likewise – Likewise is basically Samba-in-a-box; easier to set up than a full-fledged Samba installation (the GUI should do it for you in under an hour, including time to read its docs), but correspondingly less control. Likewise Open is free of charge; Likewise Enterprise adds features like managing Linux machines via Group Policy.
Microsoft Windows Services for Unix includes options for serving usernames to Linux / UNIX via NIS and for synchronizing passwords to Linux / UNIX machines. You’d use this if you wanted to do everything possible from Windows or if you had an existing Linux / UNIX infrastructure you wanted to tie to Windows; for most environments, though, one of the other solutions would be better.

Owncloud 4 and AD LDAP

[ownCloud] Owncloud 4 and AD LDAP on Windows
LDAP configuration

-LDAP Basic
Host: IP or Resolvable DNS
Base DN: dc=DOMAIN,dc=TLD
User DN: user@domain.tld
Password: password
User Login Filter: sAMAccountName=%uid
User List Filter: objectClass=user
Group Filter objectClass=group

Port: 389
Case insensitive LDAP server (Windows) checked
The Group Member association must be set to “member (AD)”
Display Name Field: sAMAccountName

資料來源: http://it.thelibrarie.com/weblog/2012/07/owncloud-4-and-ad-ldap/