Hello Rene, I have actually set this up as an NT domain, as close to ADS as I could possibly get. The implementation was a little tricky, but it involves (heimdal)kerberos, sasl, openldap, pam, djbdns, dhcp, and samba. A web document I had found helped me significantly when I approached technical issues: http://www.opentechnet.com/auth-howto/
Along the lines of replacing ADS, I think this is as close as you may get. The thing that sets Microsoft's ADS apart is that they use a form of Remote Procedure Calls that implements a lot of the leg work. This makes microsoft incompatible against samba. In AD mode, a Microsoft computer won't authenticate against a linux host (though it would as a PDC in NT mode) since it would be trying to communicate in misc forms of RPC talk. On the flip side, it should be possible to authenticate samba against ADS. Here is a tool that allows for flexibilty with authentication under windows: http://pgina.xpasystems.com/info/ As far as drawbacks, that's it. I haven't seen anything wrong with doing it NT style, and with all of the added bells and whistles. I don't know the specifics, but the SMB-TNG is a lot more bleeding edge technology when it comes to samba in an enterprise environment. It may provide you with a solution closer to what you are looking for: http://www.samba-tng.org I had a lot of fun setting this up! ;) Regards, Robert On Monday 25 April 2005 04:25 am, Rene Zbinden wrote: > Has anyone experience using samba as PDC and BDC with OpenLDAP as backend? > Is it possible to totally go away from Windows Active Directories Servers > to the above solution? What are the Drawbacks? > -- > cheers, > rene -- [email protected] mailing list
