Cell Module for Likewise Open

Authenticate with Microsoft Active Directory

The Basics

• Introduction
• LIKEWISE OPEN DATASHEET
• COMPARE LIKEWISE OPEN AND LIKEWISE ENTERPRISE
• VIEW SUPPORTED PLATFORMS
• SEE THE LIKEWISE OPEN ADMINISTRATORS GUIDE
• JOIN THE LIKEWISE OPEN COMMUNITY
• LIKEWISE OPEN SUPPORT OPTIONS

The Cell Module for Likewise Open extends Microsoft Active Directory so you can assign user identifiers (UIDs) and group identifiers (GIDs) to Linux, Unix, and Mac users and groups.

Here's what you can do with the Cell Module and Likewise Open:

• Authenticate users and groups with Likewise Open by using UID-GID information from Active Directory.
• Centralize and simplify UID-GID management by using Active Directory Users and Computers (ADUC) to manage your Linux, Unix, and Mac OS X users. The Cell Module extends the dialog boxes in ADUC to manage users, groups, organizational units, and domains for Linux and Unix access.
• Control access to Linux, Unix, and Mac computers based on the UID-GID values that you set.
• Set home directories and login shells in ADUC.
• Mirror your organizational units with Likewise cells and map Active Directory users and groups to UIDs and GIDs.
• Administer organizational units for Linux and Unix with Cell Manager, a Likewise MMC snap-in for managing Likewise cells.

UID-GID Generation in Likewise Open

In Likewise Open without the Cell Module, a UID and GID are generated by hashing the user or group's security identifier, or SID, from Active Directory. Although a UID and GID stays the same across host machines with Likewise Open, you cannot set UIDs and GIDs for Linux and Unix in Active Directory, and that's where the Cell Module comes in. It extends Active Directory to let you set and manage UIDs and GIDs with ADUC.

Mapping SIDs to UIDs and GIDs

The Cell Module maps SIDs to UIDs and GIDs and vice versa. This mapping enables Likewise Open to use an Active Directory user account to grant a user access to a Unix or Linux resource that is governed by a UID-GID scheme. When an AD user logs on a Unix or Linux computer, the Likewise Open agent communicates with the Active Directory domain controller through standard LDAP protocols to obtain the following information:

• UID
• Primary GID
• Secondary GIDs
• Home directory
• Login shell

Likewise Open then uses this information to authorize the user to access Unix and Linux resources.

Setting UID-GID Information in Active Directory

The Likewise UID-GID management tool provides extension tabs to the property sheet of the following Active Directory objects in the Microsoft Active Directory Users and Computers MMC snap-in:

• Users
• Groups
• Organizational Units
• Domain

Related Topics

Access Control

Cell Manager

Advanced Cell Technology

Unix User Account Management