From owner-freebsd-questions@FreeBSD.ORG Mon Jun 8 03:11:28 2009 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 0FE44106566B for ; Mon, 8 Jun 2009 03:11:28 +0000 (UTC) (envelope-from tajudd@gmail.com) Received: from mail-qy0-f173.google.com (mail-qy0-f173.google.com [209.85.221.173]) by mx1.freebsd.org (Postfix) with ESMTP id BB02E8FC18 for ; Mon, 8 Jun 2009 03:11:27 +0000 (UTC) (envelope-from tajudd@gmail.com) Received: by qyk3 with SMTP id 3so3838753qyk.3 for ; Sun, 07 Jun 2009 20:11:27 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=6i3JK2YQXx4y8e6qgJIw6mMd5CadC6U1zxA3USZtuQ4=; b=aqO4a4VbKJFix8Jdv4g1MMFS9sxr609Z3xSMlzoSV7Puui/yeCmspmRcajvwDIOcu8 4c+Z6zWJ/n7idhuQEiWmXjPE8HCYoKtnreN4gdVEOgAWK1V2iDpiV2f5Q23gRM8slSUL llqn/28fXRRuB8PYvChZTnZ1NwpQVsjRBRzrk= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; b=dOdLE+2sXiSrF6+X51g5LFiP3OSeevextWuZIYa+rWyyybHugMutKIMk2GlqfaJqDo rglPGAXFnEMYGS0Za535a7ZvyxxwuTiSCTUUlzAHGsQwRqCZ1Ggcc26dUDf1w976gok5 WjQSuCZle/UzRlNFSsJlYNKWyU3f1GwRg1wG4= MIME-Version: 1.0 Received: by 10.220.90.3 with SMTP id g3mr3355959vcm.20.1244430687126; Sun, 07 Jun 2009 20:11:27 -0700 (PDT) In-Reply-To: <200906080259.n582xtVg024068@banyan.cs.ait.ac.th> References: <273384.34545.qm@web81206.mail.mud.yahoo.com> <200906080259.n582xtVg024068@banyan.cs.ait.ac.th> Date: Sun, 7 Jun 2009 21:11:26 -0600 Message-ID: From: Tim Judd To: Olivier Nicole Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: freebsd-questions@freebsd.org, redtick@sbcglobal.net Subject: Re: Samba3 domain controller howto? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 08 Jun 2009 03:11:28 -0000 yes, you are mis-understanding samba itself is a NT4-type domain. samba can use authentication backends that include passwd files, LDAP and kerberos. Active directory is a requirement to use LDAP, whereas samba is offering it as a auth backend only. fine line, I know. IOW, whereas Active Directory - as a technology: Uses kerberos for authorization Uses LDAP for a storage backend for Kerberos Uses user@domain logins (thanks to Kerberos), Uses other techs not related to this thread NT4-style domains - as a technology: Not using Kerberos Not using LDAP storage Samba allows it's authorization backend to offer more possibilities than NT4's own methods. Such as passwd files, LDAP, Kerberos, etc. It's technology vs technology, not product vs product. On 6/7/09, Olivier Nicole wrote: > Hi, > >> Samba is still only a NT4-type >> DC, no Active Directory type of function (Group Policies, user@domain >> logins, kerberos, ldap, etc) > > I am not sure if I understand you well, but my samba is authenticating > users agaiinst LDAP. > > Best regards, > > Olivier >