I keep seeing questions about Windows Active Directory, so I will pass along what info I have been able to gather. Active Directory is billed as Microsoft's LDAP service, used to hold user, group, and other such data and is standard with Windows 2000. While billed as LDAP, Active Directory does not conform to standard LDAP schema, which will break some ldap clients written specifically to those standards. ( Technically, the LDAP protocol is standard, however the data format is not.) Windows 2000 can be installed in three modes: 1) NT mode - PDC/BDC responds to old-fasioned NT domain requests. 2) Mixed Mode - Domain services respond to both NT and Active Directory requests. 3) Native Mode - Domain only responds to Active Directory requests. One caveat here is that ( at least in my experience ) Native mode still includes NT services for user and group for compatability with older Windows clients. (unless the admin shuts NT services down. If so, I expect that older Windows versions would stop working along with Samba and any SMB enabled PAM modules i.e. pam_windbind.so and pam_smb_auth.so ) Active Directory can be secured using Kerberos, however Microsoft has modified the kerberos protocol to suit their needs, thus making it incompatable with other "standard" kerberos implementations. While this is the limit to what I know about Active Directory, it is as accurate as I have been able to determine. Feel free to correct me. I am not an expert. Just a frustrated UNIX admin. Paul Orwig Pacific Life
Will samba 3.0 actually interface with an Active Directory? Has anyone successfully go it to work. If so please share.. Josef D. Allen
Josef Allen wrote:> > Will samba 3.0 actually interface with an Active Directory? Has anyone > successfully go it to work. If so please share..Samba 3.0alpha can be a member of an Active Directory domain, reading user lists with LDAP and allowing kerberos authenticaion. Andrew Bartlett -- Andrew Bartlett abartlet@pcug.org.au Manager, Authentication Subsystems, Samba Team abartlet@samba.org Student Network Administrator, Hawker College abartlet@hawkerc.net http://samba.org http://build.samba.org http://hawkerc.net
Is it possible for samba to host an Active Directory? Like Windows Advanced Server?
On Thu, 2003-01-23 at 09:58, Angel E. Gabriel wrote:> Is it possible for samba to host an Active Directory? Like Windows > Advanced Server?no -- Bradley W. Langhorst <brad@langhorst.com>
Silly question....will samba join a WIN2K active directory domain? At this time, I've joined a NT domain. If this is possible, what would be the proper syntax? Or...any documents? Bill Pappas
Hi Bill, It will. All you need to do is tick the box which says soemthing like "Allow pre-Windows 2000" when you create the Samba machine's account on the DC. Then just run 'smbpasswd -j domain' etc. HTH Noel -----Original Message----- From: Pappas, Bill [mailto:Bill.Pappas@stjude.org] Sent: 21 April 2003 15:01 To: 'samba@lists.samba.org' Subject: [Samba] Active Directory Silly question....will samba join a WIN2K active directory domain? At this time, I've joined a NT domain. If this is possible, what would be the proper syntax? Or...any documents? Bill Pappas -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
I have dug through some man pages, searched the archives for some time and googled for info on this but nothing yet. I'm sure this has been covered already so all I am really asking for is if someone could point me in the right direction to where I can educate myself on connecting my RedHat 9 workstation to our new Windows 2003 Active Directory file server. I can hit my Samba server and my NT servers without a problem using the following in my /etc/fstab: //winserver/share /home/shares/sharename smbfs credentials=/home/.smbpasswd,workgroup=DOMAIN,uid=500,gid=100 0 0 This even worked fine when I first fired up the 2003 server but it dies on me with the following after I setup Active Directory: [root@dirt source]# mount /home/shares/sharename 15736: tree connect failed: ERRDOS - ERRnoaccess (Access denied.) SMB connection failed [root@dirt source]# Any pointers to some good educating materials would greatly be appreciated. Thanks, -russ