samba 3 is not able to be pdc in an ad(ldap+kerberos) domain. samba 4 will be able, but it is in an pre alpha phase and a beta release is espected for 4q2k5. but you could build a m$ ad pdc and establishing a cross domain trust. samba 3 is able to be domain member server in an ad domain. i have the same problem in my school, we decided to build a samba 3(nt4) pdc with ldap backend, it is not realy good usuable(only one person writes in the ldap directory for having consistent data).
mfg JDSalchow [EMAIL PROTECTED] wrote: > At my new job they are looking to implement a domain > controller into the environment. In the future they > were looking to add kerberos, to provide additional > security and provide a single login on windows and > unix. In addition they currently have an AFS system(no > kerberos) in place. They have three offices that are > connected via T1 vpn tunnels. Each location is on a > different subnet. The company deals with a lot of > confidential data and security is of the highest > importance. > > Now with all that said, I thought that if I'm going to > create the Samba PDC it would make sense to put the > kereberos server in now. Is there a way to integrate > kerberos into a samba PDC where the token gets passed > to the client? All the windows clients will be > Windows 2000 or higher. > > Has anyone tried anything similar? Any suggestions? > > > > __________________________________ > Do you Yahoo!? > Yahoo! Mail - 250MB free storage. Do more. Manage less. > http://info.mail.yahoo.com/mail_250 > ________________________________________________ > Kerberos mailing list [EMAIL PROTECTED] > https://mailman.mit.edu/mailman/listinfo/kerberos > ________________________________________________ Kerberos mailing list [EMAIL PROTECTED] https://mailman.mit.edu/mailman/listinfo/kerberos
