I'd like to help, how ever I have linuxchange.com project that is an Windows NT infrastructure replacement on une accout for all. But I was thinking on migrating it on a 2k a-like domain that0s whay I ask.
I have read win doc and scaning windows-client trafic when adding into a domain but afert a _ldap._tcp.WINDOMAIN SRV request I dont see any trafick of any type. LD El Mar 10 Ago 2004 16:55, [EMAIL PROTECTED] escribi�: > On Aug 5, 7:28pm, Thomas Schweizer wrote: > } Subject: Re: Windows 2000/2003 Domain on Linux > > Good afternoon to everyone on the list, hope that the week is > progressing well for everyone. > > > Luis Daniel Lucio Quiroz wrote: > > > Does anyone has tried to do a Win2k domain under linux? > > > > > > Any doc? > > > > > > I have al ready runing an configured > > > Kerberos > > > DNS - With all SRV entries > > > Datetime service > > > SAMBA domain (NT4 style) > > > > Well, an ADS domain consists of Kerberos 5, LDAP and DDNS all glued > > together. It is unfortunately not sufficient just to have all of > > these services running. As we all know MSFT, they have added their > > own extensions (PAC, connectionless LDAP,...) to these protocols and > > the clients do relay on them. Hence it would be necessary to > > implement quite a lot of them. I think the major goal of Samba 4.0 > > will be the implementation of a complete ADS-compatible directory > > service. But the time schedule is AFAIK not very concrete. So you've > > got to be a little patient... > > A schedule that is not only not very concrete but ultimately very > problematic as well, IMHO. Problematic enough that we launched the > Hurderos Project to see if there was an appetite for building an OSS > Active Directory work-alike without entertaining all the problems > secondary to building a clone. > > I've argued myself almost blue in the face with a number of prominent > members of the Open-Source community over the glaring lack of response > that OSS has in this area. Middleware isn't very sexy but its the > stuff that organizations spend lots of money and time on and don't > change very much once they have it in place. I think that AD has the > potential to be one of the most overlooked cards that can be played in > the arena of proprietary lock-down in the enterprise. > > AD's current Kerberos implementation may be 'RFC compliant' but this > list is full of documentation for how little that means when it comes > to making multiple implementations inter-operable. If I was a CIO of > a major corporation it wouldn't take me very long to be sold that AD > 'just works' with the desktop and the host of other very popular > applications that organizations depend on. > > Once that happens uprooting an increasingly complex and expansive AD > implementation is going to be more and more problematic. This opens > the door for cutting the legs out from under the infiltration pathway > that OSS solutions have been using in the enterprise. > > If I were a betting man I would wager that an exact Samba 4.x AD clone > will be the arena where patent litigation gets used to slow down > Open-Source. Building a clone in this space is going to involve > treading very close to some sensitive legal ground. > > > Cheers. > > It will be interesting to see how all this plays out. In the meantime > we are focusing on trying to give the community an alternative. > > }-- End of excerpt from Thomas Schweizer > > As always, > GW > --------------------------------------------------------------------------- >--- The Hurderos Project > Open Identity, Service and Authorization Management > http://www.hurderos.org > ________________________________________________ > Kerberos mailing list [EMAIL PROTECTED] > https://mailman.mit.edu/mailman/listinfo/kerberos ________________________________________________ Kerberos mailing list [EMAIL PROTECTED] https://mailman.mit.edu/mailman/listinfo/kerberos
