文档介绍：我怎样才能把运行Linux操作系统的电脑加入到Windows 2003服务器的动态目录中?
你可以使用Kerberos把Linux客户端认证到一个动态目录的域控制器中。把你的动态目录的域名作为域名,把你其中一个域控制器(最好是你的PDC模拟器)的名字当作KDC服务器,在Linux bonex上设置Kerberos客户端。你如何做到这一点取决于你运行的是哪一种Linux。下面这个链接可能会对你有所帮助: ... tive-
Authenticating Linux against Active Directory
One thing to keep in mind is that ?even when signed on in active directory - it doesn't offer plete single sign on ?yet. You will still have to provide a user name and password if using a windows based proxy server such as ISA server. You will probably still have to use a user name and password if using a windows based mail server (Although Evolution supports GSS API and through this you should be able to eliminate this sign-on ?I will be trying this out at some point).
However it does mean that you can use the same account name and password to log on to your Linux or Windows machine, and it also means you can change your password in Linux. Also, in case pany requires this, network administrators will be able to logon to your machine with their administrator credentials. So the Linux machine no longer is an 'island'. It is also possible to extend active directory to allow for home directories etc to be managed in active directory.
Alternatives
There are 2 alternatives to authenticate against Active Directory:
Using the kerberos client (requires Active Directory)
Using Winbind & samba client
In my