[Lias] Samba and WIndows AD

[Daniel Palmer]

Samba 3 will not currently act as a Windows 2000 DC..  It works nicely
as a member server in a 2000/2003 AD domain, but not as DC for it.
However, Samba can support different backends, EG LDAP (like AD).  So
from my understanding, you could have a Samba "NT" PDC which will
authenticate clients against another LDAP source of your choice - useful
if having LDAP access to the directory was one of your reasons for going
to 2000/2003.

I've migrated several NT domains to 2000 / 2003 and haven't run into any
hastles - isn't too hard a path to take if you want the other AD
features..

Daniel Palmer
http://itmanagers.net

-----Original Message-----
From: lias-admin at lists.linux.org.au
[mailto:lias-admin at lists.linux.org.au] On Behalf Of Simon Bryan
Sent: Friday, 28 November 2003 11:53 AM
To: lias at lists.linux.org.au
Subject: [Lias] Samba and WIndows AD


We are currently runinng a Windows NT Domain, we need to move on to an
Windows AD Domain (NT is no longer sujpported etc). A simple option is
of course to just put in a Windows 2003 server - but this then means I
have to repurcahse access licences for all 200 plus workstations, and in
fact we set up a test server and were not that happy with it anyway (too
many issues getting it to run).

The question is can I go to Samba 3 and completely replace the Windows
server - therefore no access licences to worry about. Has anyone done
this that can give me amy pitfalls to watch out for? Will I need a
separate authentication server such as LDAP or will the SAMBA server do
the authentication and user management?

I don't expect detailed HowTo's (but would be nice) rather just a yes or
no that it is or is not possible.


-- 
Simon Bryan
IT Manager
OLMC Parramatta