Single Sign-on (continued).
- winbindd allows UNIX/Linux users to log onto their desktop with DOMAIN\username and their Windows password.
- This is done by a combination of nsswitch changes to extend the user and group enumeration to include Windows accounts, and pam modules to replace the standard UNIX authentication.
- Listing the file system can show files owned by remote users.
- winbindd has been tested in 65,000 user Windows 2000 domains, and caches most information locally.
Notes:
No notes for slide 33