Date: Mon, 08 Jun 2009 13:18:13 +0200 From: Mister Olli <mister.olli@googlemail.com> To: Tim Judd <tajudd@gmail.com> Cc: Olivier Nicole <on@cs.ait.ac.th>, freebsd-questions@freebsd.org, redtick@sbcglobal.net Subject: Re: Samba3 domain controller howto? Message-ID: <1244459893.12252.17.camel@phoenix.blechhirn.net> In-Reply-To: <ade45ae90906072011m21e9c5a8k28da8c246e1a6aef@mail.gmail.com> References: <273384.34545.qm@web81206.mail.mud.yahoo.com> <ade45ae90906071218u794e8d3aqe4f5eee5a389a67d@mail.gmail.com> <200906080259.n582xtVg024068@banyan.cs.ait.ac.th> <ade45ae90906072011m21e9c5a8k28da8c246e1a6aef@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
hi, > yes, you are mis-understanding > > samba itself is a NT4-type domain. not quite right. It depends on the samba version your using. - samba3 only provides NT4-type domains - samba4 provides active directory domain types including GPO (I have such a setup running in 7.<SOMETHING> with around 10 users. It works quite good, beside the fact that samba segfaults from time to time (which I covered by running samba4 in foreground within an endless bash.-loop)). there is even a new build-option that creates the 'samba franky' release which uses samba3 & samba4 at the same time to make nearly all samba3 feature in combination with AD environments available, but it didn't have the time to look into that. But it sounds quite promising, since samba4 lacks some features samba3 already has. Regards, --- Mr. Olli > samba can use authentication backends that include passwd files, LDAP > and kerberos. Active directory is a requirement to use LDAP, whereas > samba is offering it as a auth backend only. > > fine line, I know. > > IOW, whereas Active Directory - as a technology: > Uses kerberos for authorization > Uses LDAP for a storage backend for Kerberos > Uses user@domain logins (thanks to Kerberos), > Uses other techs not related to this thread > > NT4-style domains - as a technology: > Not using Kerberos > Not using LDAP storage > > Samba allows it's authorization backend to offer more possibilities > than NT4's own methods. Such as passwd files, LDAP, Kerberos, etc. > > > It's technology vs technology, not product vs product. > > > On 6/7/09, Olivier Nicole <on@cs.ait.ac.th> wrote: > > Hi, > > > >> Samba is still only a NT4-type > >> DC, no Active Directory type of function (Group Policies, user@domain > >> logins, kerberos, ldap, etc) > > > > I am not sure if I understand you well, but my samba is authenticating > > users agaiinst LDAP. > > > > Best regards, > > > > Olivier > > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1244459893.12252.17.camel>