I'm in a somewhat similar situation. I currently run OpenLDAP and Samba 3 and plan to upgrade hundreds of workstations to MS Windows 7.
I know I can get *nix to authenticate to AD. My concern is that AD won't support the many additional data attributes I've added to my OpenLDAP directory and I will lose my existing account management tools. My, admittedly dated, experience with AD and it's account management tools makes me think this is a step backward. My question for the list: Are there powerful account management tools for Active Directory that can support a custom account lifecycle? For example, if an applicant becomes a student there are several account attributes and groups that need to be changed depending on which program they enroll in; if that student withdraws, graduates, becomes an employee, etc. there are other attributes that need changing. What tools exist for AD that can make those changes with a simple "update status"? P.S. I currently implement my lifecycle in a Ruby Rails application. Maybe I could plug that into AD but I have no idea how difficult that would be. On Mon, Jan 23, 2012 at 10:31 AM, Ski Kacoroski <[email protected]> wrote: > On 01/23/2012 07:45 AM, Benjamin Shayne wrote: >> >> Our primary concern is the large number of Windows 7 clients that >> would all need registry hacks to connect to a Samba domain. OpenLDAP >> and Samba have been difficult to manage with upgrades breaking parts >> of the system and with Windows 7 clients need retooling to connect. >> > > Benjamin, > > Go with AD. It works well for this purpose and you will not be fighting all > the time to try and get MS clients to connect to it. It is pretty easy to > get linux to authenticate to AD (not sure about OpenSolaris). > -- Perfection is just a word I use occasionally with mustard. --Atom Powers-- _______________________________________________ Tech mailing list [email protected] https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/
