-
-
Notifications
You must be signed in to change notification settings - Fork 89
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add inbuilt support for Windows AD Authentication #149
Comments
Can you clarify or give link ? |
I was looking at |
Just tried on a different machine with v6.0 - make sure my installation wasn't knackered - and it also couldn't see the namespace until updated to v6.1. |
AFAIK it requires AD posh module. See: |
I was aware the module existed, but that's a far better article on installing than I'd seen! Ones I read made it sound like a nightmare to install. I'll look into having that installed on an AD and invoking commands remotely against it tomorrow; least this means it should also hopefully work on *nix, too. |
Its as simple as
You definitely need to go original 6.1 route here. Having dependency installed should not be a concern of the pode IMO, it should be left to users. Documentation IMO should be enough. |
Oh yeah, definitely. What I was thinking of doing was having in the docs that Windows AD auth is supported, but you need to have the AD module installed on the AD you wish to auth against - pode won't do this for you. (and potentially something like if the module isn't there, then it will do a naive AD check using As in the article PowerShell Core needs to run the commands remotely against the AD to use the module. Though, doing some quick digging, Linux->Windows remoting doesn't appear to work unless you setup WinRM to allow unencrypted traffic on the AD 😕. So sort of back to square one on Linux. |
So now I'm awake, rather than half dead 👀 The RSAT module appears to not actually needed, unless I need to use the In the examples I could find (ie: https://gallery.technet.microsoft.com/scriptcenter/PowerShell-Test-Domain-b71cc520), people use the For this, PS and 6.1 should be enough I think (+docs). I'll keep digging for a *nix route, was hoping |
There are several winrm implementations on Linux (not sure for Unix) that are used around in several projects I used such as: On *nix you could also make it work by using OpenSSH instead to domain and then invoking its AD cmdlets. Not elegant as on Windows, but this is probably of low importance and the problem may be resolved in near future by MS. See also |
Aye, hopefully MS will add support in dotnet core at some point. From the last link, the https://github.com/dsbenghe/Novell.Directory.Ldap.NETStandard library seems like a good one for some quick docs to use LDAP on *nix. |
Need to add an inbuilt validator for
auth
which allows Windows AD authentication.This can definitely been supported on Windows PowerShell, but only exists in PowerShell Core 6.1+. (And even then, only for Windows, not on *nix environments - so will need another issue to support Windows AD on *nix).
Idea:
test
domain Windows ADThe text was updated successfully, but these errors were encountered: