Hola folks, After a few years of slowly phasing in various Linux and BSD platforms, the company I work for is willing to take a hard look at replacing its existing Windows NT domain controllers with a Linux/Samba combination. We only have about sixty people in our main office, but most of my experience is with smaller deployments. I'm not looking for step-by-step instructions, that's obviously my responsibility to figure out. ;) I'm looking for success stories - those of you who have successfully migrated a Windows NT domain to Samba, and how you've benefitted from the move. General questions I do have: 1. Will a Samba PDC establish trust relationships with NT PDCs? 2. What anti-virus software exists for Windows clients which will automatically grab signature updates from an internal server? 3. Do you mostly use scripts to manage users, or a GUI? 4. Is it LDAP/Samba integration possible? Thanks, Chris
> 1. Will a Samba PDC establish trust relationships with NT PDCs?Yes. But I a really reccomend you have all PDCs under Samba, since my feeling is they are much stable an easier to manage than real M$ ones :-) It's an advice, you can keep your PDC under NT if you want.> 2. What anti-virus software exists for Windows clients which will > automatically grab signature updates from an internal server?Dunno. All users here are under W2K with Norton Anti-virus auto-update mode on... This works nicely and const about $60 USD -max price, you can get cheaper with bundle licenses. I'm thinking about replacing this costly solution and potentially risky (I need to trust Norton...) with a centralized anti-virus software on samba shares...> 3. Do you mostly use scripts to manage users, or a GUI?AFAIK, there are many GUI for you convenience (SWAT or SWAT module for webmin...). I personaly prefer scripts.> 4. Is it LDAP/Samba integration possible?Sure. This works really well, look at samba-ldap-tools. My 2 cents. -- Jean-Paul ARGUDO
On Wed, 2003-02-19 at 08:30, Sorisio,Chris wrote:> Hola folks, > > After a few years of slowly phasing in various Linux and BSD platforms, the > company I work for is willing to take a hard look at replacing its existing > Windows NT domain controllers with a Linux/Samba combination. We only have > about sixty people in our main office, but most of my experience is with > smaller deployments.Look into the 'net rpc samsync' in Samba 3.0.> I'm not looking for step-by-step instructions, that's obviously my > responsibility to figure out. ;) > > I'm looking for success stories - those of you who have successfully > migrated a Windows NT domain to Samba, and how you've benefitted from the > move. > > General questions I do have: > > 1. Will a Samba PDC establish trust relationships with NT PDCs?This is a work in progress. We don't have the 'winbind on PDC' code in place at present, so that end requires manual user creation. Samba 3.0 supports being trusted by NT without any problems (I use it at my site).> 2. What anti-virus software exists for Windows clients which will > automatically grab signature updates from an internal server? > 3. Do you mostly use scripts to manage users, or a GUI?Scripts. I also use 'GQ' as an LDAP GUI admin tool.> 4. Is it LDAP/Samba integration possible?It's the only way to go. Our LDAP backend currently doesn't deal with Groups and Privileges at present, but this is being worked on. Andrew Bartlett -- Andrew Bartlett abartlet@pcug.org.au Manager, Authentication Subsystems, Samba Team abartlet@samba.org Student Network Administrator, Hawker College abartlet@hawkerc.net http://samba.org http://build.samba.org http://hawkerc.net -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part Url : http://lists.samba.org/archive/samba/attachments/20030219/1ae91626/attachment.bin
This is promising news, but after reading through various large chunks of documentation last night, I have a few more worries. 1. We have an MS Exchange 5.5 server in place that we will not be able to phase out this cycle. Hopefully by 2006... 2. We have a handful of remote branch offices. These offices currently reside in their own NT domains with WAN connections back to the main office. All their e-mail and Internet access is handled through the main office via the WAN. Questions: 1. Does MS Exchange 5.5 play nice with a Samba PDC? We use (cough) Outlook on the desktop, which is something else we will not be able to phase out this cycle, and the MAPI interface. Exchange needs to auth users against the PDC. 2. If I collapse all the users into a single NT domain and turn the remote branch office PDCs into Samba BDCs with a Samba PDC at the main office (some documentation has been written on how to do this, anyone actually doing it?) would that work? 3. Is Samba 3.0 stable enough to consider using in production? Six months from now, is it going to be "officially" production-ready? (I know, I know - "when it's ready." :) ) Thanks to everyone who has given feedback, I greatly appreciate it. Chris