Guide for AD Authentication using Third Party AD Tool

I’ve been trying to get domain authentication working within Usermin/Virtualmin using BeyondTrust ADBrdige (PBIS). It seems like nothing is working. So Im curious if anyone has an guide on how to setup AD based authentication using a third party tool like AD Bridge or even Centrify.

Alternatively, if there are no instructions for this is there another way to go about this? The main requirement I have is I need to move websites which are currently using domain creds using kerberos auth with Apache. If I didnt try to leverage PAM and AD Bridge is there another approach to use AD creds for the websites user?

Thanks,

PAM is the right way, almost certainly.

I don’t know if anyone has covered AD, but LDAP is pretty well-understood and documented (though the docs are quite old): https://www.virtualmin.com/documentation/id%2Ccombining_virtualmin_and_ldap

As I understand it, you can treat AD as an LDAP server, with a few caveats, when configuring Linux systems to participate in an AD thing.

I managed to get PAM working for Usermin users. Although I dont see a way to use AD user and PAM for the Virtualmin user. Do you know where that is configured?

Thanks!

In Webmin. Virtualmin users are Webmin users. (And mail/ftp users are regular system users, with no Webmin account, but I think if you get PAM auth to AD working, that’ll just work, assuming the users exist in AD.)

I’m not sure how it should be implemented to manage the different kinds of users, actually, as AD is not something I’ve used/managed in 15+ years. But, I assume as long as the usernames in AD match the Webmin usernames that are managing the Virtualmin domains it’ll work out.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.