From owner-freebsd-isp@FreeBSD.ORG Sun Nov 16 02:00:22 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2C65016A4F3 for ; Sun, 16 Nov 2003 02:00:22 -0800 (PST) Received: from srv1.cosmo-project.de (srv1.cosmo-project.de [213.83.6.106]) by mx1.FreeBSD.org (Postfix) with ESMTP id 13CF443FAF for ; Sun, 16 Nov 2003 02:00:20 -0800 (PST) (envelope-from andreas@klemm.apsfilter.org) Received: from srv1.cosmo-project.de (localhost [IPv6:::1]) hAGA0At2076671 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO); Sun, 16 Nov 2003 11:00:10 +0100 (CET) (envelope-from andreas@klemm.apsfilter.org) Received: (from uucp@localhost)hAGA099o076670; Sun, 16 Nov 2003 11:00:09 +0100 (CET) (envelope-from andreas@klemm.apsfilter.org) Received: from titan.klemm.apsfilter.org (localhost.klemm.apsfilter.org [127.0.0.1]) by klemm.apsfilter.org (8.12.10/8.12.9) with ESMTP id hAG9wcrJ057930; Sun, 16 Nov 2003 10:58:38 +0100 (CET) (envelope-from andreas@titan.klemm.apsfilter.org) Received: (from andreas@localhost)hAG9wbiu057920; Sun, 16 Nov 2003 10:58:37 +0100 (CET) (envelope-from andreas) Date: Sun, 16 Nov 2003 10:58:37 +0100 From: Andreas Klemm To: Eric Anderson Message-ID: <20031116095837.GB43167@titan.klemm.apsfilter.org> References: <20031113224321.GA44854@titan.klemm.apsfilter.org> <3FB4F01D.8020008@centtech.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <3FB4F01D.8020008@centtech.com> X-Operating-System: FreeBSD 5.1-CURRENT X-Disclaimer: A free society is one where it is safe to be unpopular User-Agent: Mutt/1.5.4i cc: freebsd-isp@freebsd.org Subject: Re: someone using openldap for ~3500 windows user for authentication ? X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 16 Nov 2003 10:00:22 -0000 On Fri, Nov 14, 2003 at 09:09:17AM -0600, Eric Anderson wrote: > Andreas Klemm wrote: > > >Would like to ask some questions about this if somebody > >has made experiences with this ... > > > Are you planning on using Samba as a PDC for authentication, or did you > have another way? Currently I only know little, how people plan to do it. >From my understanding they want to move away from NT4 PDC/BDC concept to a more open standard (->LDAP). >From what I read they need for windows clients to authenticate a Windows directory server (Meta Directory it was called in 2002 and should be in developement at that time, dunno if this product name still applies), since Windows clients cannt communicate directly with a LDAP server for authentication purposes. I assume this Directory Server can be substituded by samba. I assume samba can talk to LDAP server. But I don't know exactly ... And I dunno that other things they plan, that maybe require the M$ directory server and which Samba still can't perform. I was not at the customer at the meeting, I only have it from hearsay of the consultant who was there ... I'm currently only digging for informations, what pitfalls are involved with such a migration. Andreas /// -- Andreas Klemm - Powered by FreeBSD 5.1-CURRENT Need a magic printfilter today ? -> http://www.apsfilter.org/