Windows Security and Directory Services for UNIX

Yesterday a guide was posted to TechNet that provides guidance on integration of UNIX systems with their Active Directory environment.

Windows Security and Directory Services for UNIX Guide v1.0

From the guide:

This guide shows you how to achieve implementation of five significantly different end states:

End State 1. UNIX clients use Active Directory Kerberos for authentication but continue to use an existing UNIX-based data store for authorization.

End State 2. UNIX clients use Active Directory Kerberos for authentication and use Active Directory LDAP for authorization.

End State 3. UNIX clients use Active Directory LDAP for authentication but continue to use an existing UNIX-based data store for authorization.

End State 4. UNIX clients use Active Directory LDAP for both authentication and authorization.

End State 5. UNIX and Windows infrastructures remain separate: UNIX clients use UNIX-based Kerberos for authentication, Windows clients use Active Directory Kerberos for authentication, and a cross-realm trust enables UNIX and Windows users (if the cross-realm trust is a two-way trust) to access services in the other side.