[Samba] Samba PDC/Windows BDC domain sync
I have everything in place to move to a Samba/Heimdal/OpenLDAP auth database and have just discovered that some of the Windows products we use are required to run on a domain controller. Since domain sync doesn't work between Samba and NT4 it looks like I'm stuck: either ditch all the software we run on domain controllers, stay with our current 2-auth-db system, or move at least our Windows machines to AD, none of which I want to do. I appears that XAD 2.0 may be able to do what I want, and I'm checking on it's availablity, but I was wondering if anyone has any bright ideas for getting the Samba PDC to do what I want. Right now it looks like the best thing to do is to hack up a sync tool for WinNT - OpenLDAP to keep the passwords in sync. Thanks for any information, -- | Jim Hranicky, Senior SysAdmin UF/CISE Department | | E314D CSE BuildingPhone (352) 392-1499 | | [EMAIL PROTECTED] http://www.cise.ufl.edu/~jfh | -- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba PDC/Windows BDC domain sync
James F. Hranicky wrote: I have everything in place to move to a Samba/Heimdal/OpenLDAP auth database and have just discovered that some of the Windows products we use are required to run on a domain controller. Since domain sync doesn't work between Samba and NT4 it looks like I'm stuck: either ditch all the software we run on domain controllers, stay with our current 2-auth-db system, or move at least our Windows machines to AD, none of which I want to do. I appears that XAD 2.0 may be able to do what I want, and I'm checking on it's availablity, but I was wondering if anyone has any bright ideas for getting the Samba PDC to do what I want. Right now it looks like the best thing to do is to hack up a sync tool for WinNT - OpenLDAP to keep the passwords in sync. Hi James, Would you mind letting us know what product requires to be installed on a domain controller? I, for one, would like to shy away from ever evaluating their product. Regards, Doug -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba PDC/Windows BDC domain sync
On Thursday 23 March 2006 13:09, Doug VanLeuven wrote: Hi James, Would you mind letting us know what product requires to be installed on a domain controller? I, for one, would like to shy away from ever evaluating their product. Desktop Authority: http://downloads.cybis.co.uk/scriptlogic/Desktop_Authority_7_Release_Notes.pdf E-Policy Orchestrator https://delta.ist.utl.pt/bin_software/ePO_36_InstallationGuide_EN.pdf Unless I'm mistaken, these both require running on a domain controller of some kind. Jim -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba PDC/Windows BDC domain sync
James F. Hranicky wrote: On Thursday 23 March 2006 13:09, Doug VanLeuven wrote: Hi James, Would you mind letting us know what product requires to be installed on a domain controller? I, for one, would like to shy away from ever evaluating their product. Desktop Authority: http://downloads.cybis.co.uk/scriptlogic/Desktop_Authority_7_Release_Notes.pdf E-Policy Orchestrator https://delta.ist.utl.pt/bin_software/ePO_36_InstallationGuide_EN.pdf Unless I'm mistaken, these both require running on a domain controller of some kind. Hi Jim, Actually, both strongly recommend -not- installing on a domain controller. I can see where it used to be a requirement, but they advise member servers now. Desktop Authority page 2 and ePolicy page 6. Scriptlogic supports NT40 domains and should work on a 2000SP2 or greater member server. ePolicy just states it needs to be installed on windows 2000SP3 or later including 2003 Web server (which would never be a PDC). They just want a trust relationship with the PDC although I don't see whether or not NT style PDC is supported. I'd check with the vendors, but you may be able to accommodate samba3 as a NT40 style PDC with both those products. If ePolicy is tightly integrated to AD, I don't think that will be supported till samba4. Regards, Doug -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba