You can set up an OpenLDAP server and use the pass-through authentication (PTA) mechanism to verify the user credentials against Active Directory.

OpenLDAP Pass-through Authentication supports integration with Active Directory for desktops running any Linux distribution supported by Horizon Agent.

Note: For OpenLDAP Pass-through Authentication, you can perform the configuration in a template virtual machine. No additional steps are required in the cloned virtual machines.

At a high level, the OpenLDAP Pass-through Authentication solution involves the following steps.

Procedure

  1. To enable LDAPS (Lightweight Directory Access Protocol over SSL), install Certificate Services on the Active Directory.
  2. Set up an OpenLDAP server.
  3. Synchronize user information (except password) from the Active Directory to the OpenLDAP server.
  4. Configure the OpenLDAP server to delegate password verification to a separate process such as saslauthd, which can perform password verification against the Active Directory.
  5. Configure the Linux virtual machines to use an LDAP client to authenticate users with the OpenLDAP server.