Systems Integration
Of Christopher Columbus, Trojan horses and the One Laptop Per Child (OLPC)
The One Laptop Per Child (laptop.org) is a US$100 laptop that promises to revolutionise education and development among some of the world's poorest children. According to the OLPC Foundation, "starting November 12, One Laptop Per Child will be offering a Give 1 Get 1 Program for a brief window of time in North America. For $399, you will be purchasing two XO laptops—one that will be sent to empower a child to learn in a developing nation, and one that will be sent to your child at home." In other words, $400 gets your child a laptop, and another one is sent to a needy child in the developing world. And, your child gets a pen-pal in that child, since they can stay in touch via e-mail. You can donate here.
As they say, touch a child's life and you never know what other lives might be touched in turn. Read more about the OLPC and the "Give 1 Get 1" program in this New York Times article.
There have been a lot of negative comments about what's wrong with the laptop — no hard drive, no CD/DVD drive, etc. But until you see one in operation, you have no idea what a powerful idea this rabbit-eared laptop represents, or how much potential it has to change the world. This YouTube video review by David Pogue of the New York Times also shows what a powerful kid-magnet the OLPC is.
According to Nicholas Negroponte, OLPC founder and former chairman of MIT's Media Lab, complaining about the perceived shortcomings of the laptop is "as if people spent all of their attention focusing on Columbus’s boat and not on where he was going". Walter Bender, a computer researcher who served as director of the Media Laboratory after Mr. Negroponte and now heads software development for the laptop project, likens the XO to a Trojan Horse — “the soldiers inside this Trojan horse are children with laptops.”
Authenticate BackupPC CGI Users With Windows Active Directory
Now that the Linux box is authenticating its users with their ADS credentials, and Apache is protecting its directories using the same ADS user database, we are ready to set up BackupPC to show users only the PCs for which their names are recorded in BackupPC's hosts file.
We do this by simply using the Active Directory user names for these users in BackupPC's hosts file. Now, when any such user gives their ADS username and password when prompted by BackupPC, only the PCs listed for them will be shown.
For BackupPC administrators, however, we need to do a little bit more configuration.
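The following is an added example, not part of the original post or of BackupPC itself: a small audit of the hosts-file mapping described above, reporting which PCs each authenticated name would see and flagging entries that would hide a PC from its owner. The host and user names are constructed, and it assumes the name Apache passes on as REMOTE_USER is compared to the hosts-file entries as an exact string, so a name written with a domain part only matches if the web server hands it over in that same form.

```python
import re

# Constructed sample in the BackupPC hosts-file layout (host, dhcp, user,
# moreUsers). Host and user names are made up for illustration.
SAMPLE_HOSTS = r"""
# comments and blank lines are ignored
host       dhcp  user        moreUsers
xp-lab01   0     asmith
xp-lab02   0     bjones      asmith,cdoe
xp-lab03   0     AIS\dlee
xp-lab04   0
"""

def parse_hosts(text):
    """Return {host: set of user names allowed to see it}."""
    acl = {}
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split()
        if not fields or fields[0] == "host":   # blank, comment or header row
            continue
        owner = fields[2:3]
        extra = fields[3].split(",") if len(fields) > 3 else []
        acl[fields[0]] = {u for u in owner + extra if u}
    return acl

def visible_hosts(acl, remote_user):
    """Hosts shown to the name the web server passes on as REMOTE_USER.
    Assumption: the comparison is an exact, case-sensitive string match."""
    return sorted(h for h, users in acl.items() if remote_user in users)

def audit(acl):
    """Flag entries that are likely to hide a PC from its owner."""
    findings = []
    for host, users in sorted(acl.items()):
        if not users:
            findings.append((host, "no user listed"))
        for u in sorted(users):
            if re.search(r"[\\+/@]", u):   # DOMAIN\user, DOMAIN+user, user@realm
                findings.append((host, f"'{u}' carries a domain part"))
    return findings

if __name__ == "__main__":
    acl = parse_hosts(SAMPLE_HOSTS)
    for user in ("asmith", "cdoe", "dlee"):
        print(user, "->", visible_hosts(acl, user))
    for host, problem in audit(acl):
        print("CHECK", host, problem)
```

Run it against a copy of the real hosts file after any change, and compare the flagged names with the form in which winbind presents accounts on the backup server.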
Configure HTTPD (Apache) for PAM Authentication
Recall that the reason for doing this Linux-Windows integration was to get the users of my Linux-based backup server to have web-based access to their files, from their Windows XP desktops.
I will not go into the details of configuring the BackupPC web interface. That's extensively covered in the BackupPC documentation here.
Apache has an almost-annoyingly huge number of authentication mechanisms, but most people use password authentication based on an .htpasswd or .htaccess file. However, since all the users of my Linux-based backup system already had accounts on the ADS server, it seemed to make no sense to have to create a parallel authentication database for them. Not to mention the nightmare of synchronising the two databases when either or both change.
Configure Winbind and PAM for authentication
The first step is to get the Linux box to treat Windows ADS accounts as local accounts — i.e. people can log into the Linux box using their Windows ADS usernames and passwords.
This is quite easily done using Fedora Core 4, and is described in this article. The article actually describes the steps for Fedora Core 2 (Fedora 3 Beta), but the steps are even simpler and less error-prone for Fedora Core 4.
Linux-Active Directory-Apache Integration With PAM
This HOWTO describes how to integrate a Linux box into a Windows (Windows 2000 or 2003) ADS Domain, so that users can log in to the Linux box using their Active Directory credentials.
It's based on a Linux-based backup system which I've implemented for my teaching programme LAN (mostly Windows XP clients) at AIS. The system uses BackupPC running on a Fedora Core 4 box.
All the users of the network served by the backup server authenticate against a Windows 2003 Active Directory, and I wanted them to be able to use their ADS credentials to gain access to the backups of their Windows XP client (and their client alone) on the BackupPC server.


