How to Get a Windows Client to Authenticate against a Linux LDAP Server

Solution 1:

pGina

pGina is an open source authentication system that replaces the built-in authentication of the Microsoft Windows operating system. pGina uses easy-to-write plugins that allow a system to authenticate against virtually any source. Some examples are LDAP, RADIUS, SSH, FTP, SMTP, POP3, and many more.

Getting Started

In order to get up and running, simply follow the steps below.

  • Determine what line of pGina to use
  • Decide what method of authentication you are going to be using (e.g. LDAP, RADIUS, FTP, SSH, etc.) and download the corresponding plugin.
  • Download pGina
  • Install pGina and the plugin
  • Configure pGina and the plugin

Main Page: http://www.pgina.org/

Solution 2:

If pGina isn't suitable, you can join the machines to a Samba 4 AD domain. The idea is to install Samba 4 and set it up as a domain controller, then have Samba authenticate against your LDAP server. I've never done this and it's a pretty nontrivial exercise, but in theory it's possible.

The SAMBA 4 AD DC HOWTO shows how to get Samba 4 going as a domain controller and join your Windows clients to your domain. You wouldn't necessarily need everything, but it gives an idea of how integrated you can get things.

Then, to authenticate Samba connections against your LDAP server, look at The SAMBA & LDAP guide.

Keep in mind Samba 4 is only a recent release. I'd avoid this for any large or commercial installation until Samba 4 is more widely used.

Solution 3:

Have you gone through the Active Directory HowTo?