On Tue, Apr 27, 2010 at 6:30 PM, Morty <[email protected]<morty%[email protected]> > wrote:
> On Mon, Apr 26, 2010 at 09:59:02PM -0700, Kevin Keane wrote: > > > Exactly WHY do you need AD instead of NT domains? Without > > understanding that, I don't think your question can be answered. > > I have some COTS Windows web apps that want to authenticate either > using local accounts or against AD. > You should clarify what mechanisms those web apps use for authentication. Generally most web apps use LDAP/NTML for authentication and LDAP for pulling user information. These two things you can achieve more reliably using Samba3 with an LDAP backend compared to Samba 4 (at this stage). Another pathway you should investigate is whether a single sign-on (SSO) system is applicable/appropriate. There are plenty of choices out there, but it does depend on what your COTS applications are. The benefit of SSO is that it abstracts web application authentication from your underlying authentication service. It is a bit more work, and not all web applications work with it, but once in place the results are very good. David -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
