I currently have a SCO OpenServer 6 server. I also have a Windows Server 2008 R2 server, controlling an Active Directory domain and doing a mighty fine job at it. On any given day, users are required to log into both of these regularly.
If at all possible, I would like it so that the SCO server can authenticate against the AD user on the Windows server, so the users (and, by extension, I) need not worry about managing multiple user accounts with multiple passwords. Even if it's just testing the password against the AD, with all the actual Unix account details (uid, gid, home, shell, etc.) still configured locally, I would consider it a win.
I'm not talking about just accessing Windows shares from the Unix box and vice-versa; I can already do that with Samba. I have also messed with the Kerberos installation that comes with the latest maintenance pack, and while it seems to authenticate against the Windows server after I configure it to do so, it only works with certain tools; there does not seem to be a Kerberized version of login itself.
Am I just grasping at straws here, or is there actually some chance of success at the end of my path?
You could look at PowerBroker Open. It allows Unices to use an AD machine to authenticate for various machines. I'm not sure whether Open SCO is supported (though various other Unices are). There is an Open Source version that you could give a try and see whether you can persuade it to work.
Otherwise I know with Linux it is quite popular to use the LDAP PAM module to authenticate against AD as another option. Is this possible with SCO?
Your biggest problem is that you're using Open SCO which is being used less and less so finding support for it is only going to become more difficult.
You can use the Samba winbind for NSS and PAM. This lets the box use Windows for authentication and authorization lookups.