Re: [CentOS] Anyone using CentOS Active Directory like system?
Am 30.09.2013 um 07:34 schrieb Gordon Messmer gordon.mess...@gmail.com: On 09/29/2013 09:56 PM, John R Pierce wrote: I'd test this over Samba as a AD replacement. but, if your environment includes a lot of windows client systems, and expects to use Active Directory group policies to closely manage those windows systems, none of these solutions will come close to what the 'real thing' offers. I agree. If you're managing Windows clients and need Group Policy, there's very little reason not to run AD. If you don't like giving money to Microsoft, then ditch the clients. Even if you replace AD with Samba, you still need a management workstation to handle all of the tools that would otherwise be present on an AD system. Most of the time, that means you haven't actually saved any money on Windows licenses. Yes. If you need to have Windows-Clients around, you need to have a native AD around, too. Period. Both FreeIPA and RHIPA state rather prominently on their web-pages that they are not a replacement for the former. Rather, they are meant as an alternative. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Anyone using CentOS Active Directory like system?
- Original Message - | I am the IT Development Specialist for a small community college and | our | CIO has asked me to explore an alternative to Microsoft Active | Directory as | we are separating from our parent university and funding is tight so | we | were looking into CentOS with 389 Directory Server. | | Any advise or suggestions would be very helpful. | | Jacob Tennant No, we use Active Directory because it's the right tool for the job. I think that you will find that you will have a difficult time finding another product that will provide all the tools that AD provides when working with Windows. If you are working with Windows and Windows only just use AD it's the right thing. If you're in a mixed bag of Windows, Mac and GNU/Linux, just use AD, it's likely still the right thing. If you only need basic authentication than Samba will likely suit your needs. On what scale are you talking? 2 workstations, 50 workstations, 100s workstations? -- James A. Peltier Manager, IT Services - Research Computing Group Simon Fraser University - Burnaby Campus Phone : 778-782-6573 Fax : 778-782-3045 E-Mail : jpelt...@sfu.ca Website : http://www.sfu.ca/itservices “A successful person is one who can lay a solid foundation from the bricks others have thrown at them.” -David Brinkley via Luke Shaw ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Anyone using CentOS Active Directory like system?
sernet.de/en/samba/ seems to have the most promising SaMBa binaries and make an ISO image to download. Described as http://www.enterprisesamba.com/samba4app/ Setting up a new domain without existing ADS: http://wiki.samba.org/index.php/Samba4/HOWTO#Provisioning_Samba_.28Setting_up_a_new_domain.29 http://wiki.samba.org/index.php/Samba4/HOWTO/Join_a_domain_as_a_DC On Mon, Sep 30, 2013 at 12:50 PM, James A. Peltier jpelt...@sfu.ca wrote: - Original Message - | I am the IT Development Specialist for a small community college and | our | CIO has asked me to explore an alternative to Microsoft Active | Directory as | we are separating from our parent university and funding is tight so | we | were looking into CentOS with 389 Directory Server. | | Any advise or suggestions would be very helpful. | | Jacob Tennant No, we use Active Directory because it's the right tool for the job. I think that you will find that you will have a difficult time finding another product that will provide all the tools that AD provides when working with Windows. If you are working with Windows and Windows only just use AD it's the right thing. If you're in a mixed bag of Windows, Mac and GNU/Linux, just use AD, it's likely still the right thing. If you only need basic authentication than Samba will likely suit your needs. On what scale are you talking? 2 workstations, 50 workstations, 100s workstations? -- James A. Peltier Manager, IT Services - Research Computing Group Simon Fraser University - Burnaby Campus Phone : 778-782-6573 Fax : 778-782-3045 E-Mail : jpelt...@sfu.ca Website : http://www.sfu.ca/itservices “A successful person is one who can lay a solid foundation from the bricks others have thrown at them.” -David Brinkley via Luke Shaw ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Anyone using CentOS Active Directory like system?
Sorry, ctrl-enter (send right away) won ctrl-shift-v... i used to love MS ADS, but do not love it much anymore and see that there are other tools for the job. There was not nearly enough documentation on which target machines a particular group policy can apply correctly to which version of windows (2000?, XP?, 7?, Vista?, ...). When there was a problem, applying a policy there were many different logfiles one had to parse thru to put together the problem. Most of those policies can be done with registry changes pushed out a number of different ways. Zarafa or Zentyal are projects to look at. sernet.de/en/samba/ seems to have the most promising SaMBa binaries and make an ISO image to download called samba4app. Described as Guided initial configuration of a Samba 4 Active Directory domain http://www.enterprisesamba.com/samba4app/ Full support for managing Windows clients via group policies using the Windows Remote Server Administration Tools. Win7Pro or Enterprise runs that tool. It would be much less expensive to buy one server license instead of multiple licenses and all those CALs. Some wiki articles: Setting up a new domain without existing ADS: http://wiki.samba.org/index.php/Samba4/HOWTO#Provisioning_Samba_.28Setting_up_a_new_domain.29 Join an existing ADS domain: http://wiki.samba.org/index.php/Samba4/HOWTO/Join_a_domain_as_a_DC On Mon, Sep 30, 2013 at 4:58 PM, Rob Townley rob.town...@gmail.com wrote: sernet.de/en/samba/ seems to have the most promising SaMBa binaries and make an ISO image to download. Described as http://www.enterprisesamba.com/samba4app/ Setting up a new domain without existing ADS: http://wiki.samba.org/index.php/Samba4/HOWTO#Provisioning_Samba_.28Setting_up_a_new_domain.29 http://wiki.samba.org/index.php/Samba4/HOWTO/Join_a_domain_as_a_DC On Mon, Sep 30, 2013 at 12:50 PM, James A. Peltier jpelt...@sfu.ca wrote: - Original Message - | I am the IT Development Specialist for a small community college and | our | CIO has asked me to explore an alternative to Microsoft Active | Directory as | we are separating from our parent university and funding is tight so | we | were looking into CentOS with 389 Directory Server. | | Any advise or suggestions would be very helpful. | | Jacob Tennant No, we use Active Directory because it's the right tool for the job. I think that you will find that you will have a difficult time finding another product that will provide all the tools that AD provides when working with Windows. If you are working with Windows and Windows only just use AD it's the right thing. If you're in a mixed bag of Windows, Mac and GNU/Linux, just use AD, it's likely still the right thing. If you only need basic authentication than Samba will likely suit your needs. On what scale are you talking? 2 workstations, 50 workstations, 100s workstations? -- James A. Peltier Manager, IT Services - Research Computing Group Simon Fraser University - Burnaby Campus Phone : 778-782-6573 Fax : 778-782-3045 E-Mail : jpelt...@sfu.ca Website : http://www.sfu.ca/itservices “A successful person is one who can lay a solid foundation from the bricks others have thrown at them.” -David Brinkley via Luke Shaw ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Anyone using CentOS Active Directory like system?
On 09/27/2013 10:15 PM, Tennant, Jacob wrote: Any advise or suggestions would be very helpful. Samba4 has been offered as an option. However, as far as I know, the packages in Fedora and RHEL are not capable of operating as an AD server. More specific information is here: https://fedoraproject.org/wiki/Features/Samba4 If you want to run Samba 4 as Microsoft Active Directory replacement, you'll need to build your own packages with Heimdal Kerberos support. Someday, when RHEL/Fedora offer working MIT Kerberos support, you'll want to migrate to reduce ongoing maintenance costs, and that's going to be a huge headache. If you don't need Group Policy support, you can use FreeIPA to authenticate Windows and Linux guests: http://www.freeipa.org/page/Main_Page OS X has been supported, but I'm not sure what the status of 10.7 is. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Anyone using CentOS Active Directory like system?
Greetings, On Mon, Sep 30, 2013 at 6:21 AM, Gordon Messmer gordon.mess...@gmail.com wrote: On 09/27/2013 10:15 PM, Tennant, Jacob wrote: Any advise or suggestions would be very helpful. Samba4 has been offered as an option. However, as far as I know, the packages in Fedora and RHEL are not capable of operating as an AD server. More specific information is here: https://fedoraproject.org/wiki/Features/Samba4 of course the default repo may not support. Have you tried this: http://enterprisesamba.com/ google-fu did this to me https://www.google.co.in/search?q=rhel/centos+samba4+rpmie=utf-8oe=utf-8rls=org.mozilla:en-US:unofficialclient=firefox-agws_rd=crei=PfVIUt3XHsWsrAfauIGgAg http://wiki.samba.org/index.php/Samba_4/OS_Requirements https://lists.samba.org/archive/samba/2012-November/170177.html http://pkgs.org/centos-6-rhel-6/centos-rhel-x86_64/samba4-dc-4.0.0-55.el6.rc4.x86_64.rpm.html etc. etc. HTH -- Regards, Rajagopal ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Anyone using CentOS Active Directory like system?
On 9/29/2013 5:51 PM, Gordon Messmer wrote: If you don't need Group Policy support, you can use FreeIPA to authenticate Windows and Linux guests: http://www.freeipa.org/page/Main_Page noting that FreeIPA is built around the 389 Directory project the OP already mentioned... I'd test this over Samba as a AD replacement. but, if your environment includes a lot of windows client systems, and expects to use Active Directory group policies to closely manage those windows systems, none of these solutions will come close to what the 'real thing' offers. -- john r pierce 37N 122W somewhere on the middle of the left coast ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Anyone using CentOS Active Directory like system?
On 09/29/2013 09:56 PM, John R Pierce wrote: I'd test this over Samba as a AD replacement. but, if your environment includes a lot of windows client systems, and expects to use Active Directory group policies to closely manage those windows systems, none of these solutions will come close to what the 'real thing' offers. I agree. If you're managing Windows clients and need Group Policy, there's very little reason not to run AD. If you don't like giving money to Microsoft, then ditch the clients. Even if you replace AD with Samba, you still need a management workstation to handle all of the tools that would otherwise be present on an AD system. Most of the time, that means you haven't actually saved any money on Windows licenses. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Anyone using CentOS Active Directory like system?
On Sat, 28 Sep 2013, Rajagopal Swaminathan wrote: Have you looked into Samba 4 which provides build for Centos and it seems it does support AD as DC: One more vote for Samba4. -s ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Anyone using CentOS Active Directory like system?
On 09/28/2013 01:41 AM, Rajagopal Swaminathan wrote: Greetings, On Sat, Sep 28, 2013 at 10:45 AM, Tennant, Jacob jacob.tenn...@pierpont.edu wrote: were looking into CentOS with 389 Directory Server. Any advise or suggestions would be very helpful. That is a choice of course. Have you looked into Samba 4 which provides build for Centos and it seems it does support AD as DC: http://opentodo.net/2013/01/samba4-as-ad-domain-controller-on-centos-6/ YMMV. Be sure to disable any other DC on the network. Windows always assumes that no other OS exists. -- _ °v° /(_)\ ^ ^ Mark LaPierre Registered Linux user No #267004 https://linuxcounter.net/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Anyone using CentOS Active Directory like system?
Greetings, On Sat, Sep 28, 2013 at 10:45 AM, Tennant, Jacob jacob.tenn...@pierpont.edu wrote: were looking into CentOS with 389 Directory Server. Any advise or suggestions would be very helpful. That is a choice of course. Have you looked into Samba 4 which provides build for Centos and it seems it does support AD as DC: http://opentodo.net/2013/01/samba4-as-ad-domain-controller-on-centos-6/ YMMV. -- Regards, Rajagopal ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos