Linux as primary domain controller

hbbiz2005

Honorable
Nov 12, 2012
9
0
10,510
Hi experts,
I want to use Linux as a primary domain controller for some 25 Windows 7 laptops/desktops.

Did anyone implement such a system?
How stable/reliable is it?

What was the process to set it up?

Thanks
 

hbbiz2005

Thanks for the quick reply.

You pointed to my real concern:

I want to replace the Windows server with a Linux box that replaces it as:

-- Domain controller
-- User/Group manager with user profiles stored on the Linux box
-- Single sign-on.

What does Active Directory do exactly ?


Thanks.
 

hbbiz2005

Thanks.

So theoretically, by using a Linux distro with Samba4, I should be able to do everything a Windows server can do (i.e. PDC, AD).

In practice, how good is it? What distro does that the best?

Please give me some personal experience on the matter.

Thanks.
 
Stop

Ask yourself a few questions.

Is this for a production environment or only a test / lab environment?

Is there a budget assigned to this project?

Does this system generate revenue or otherwise act as a critical component whose breaking would result in negative financial consequences?


Active Directory is a few things at once, primarily DNS and LDAP tightly integrated. SAMBA can only provide for the AD PDC emulator login tickets; it cannot provide for the DNS resource queries to the LDAP nor the LDAP service itself. The authorization only services shared resources, not client-to-client authentication and security roles.

My personal suggestion is: if you're just learning, then sure, play with Samba and NT clients, it'll be fun. If this is for a business or production environment, then just use a real NT server; it'll be more stable and a TON less headaches. The LDAP and DNS environment is tightly integrated, and unless you're an expert in ADC you won't be able to replicate those connections and objects inside an open source environment. You can use a Linux server to do lots of things: file services, backup services, web services, application hosting, network security device and so on. The one thing it's really not good for is acting as an AD authentication system for NT clients.

On a side note, you might not even need an AD server. Would RADIUS serve your needs?