[CentOS] Re: Fix passwd/shadow/group files? -- Samba 3.0 v. ADS v. CIFS
Feizhou
feizhou at graffiti.net
Sun Jul 17 15:09:19 UTC 2005
Bryan J. Smith wrote:
>On Sun, 2005-07-17 at 22:29 +0800, Feizhou wrote:
>
>
>>Since when did Samba manage to pull off become an ADS DC for Windows
>>2000/XP workstations?
>>
>>
>
>At this point, you're hopelessly lost. I can keep talking about it, but
>you won't get it until you have some "technical background."
>
>
You assume too much and you are not clear enough in what you post.
>First off, read up on Samba 3.0. It is a set of "technologies" for
>Windows interoperability. To emulate an ADS DC, you have to add LDAP
>and MS Kerberos into the mix. It _only_ emulates it to a point.
>
>
>
Geez....I've been trying to get whether you are saying there was a way
to do the whole ADS DC thing without a MS-Kerberos in the mix.
>The only "big issue" is what Microsoft is doing with ADS. MS is
>purposely tying its services to its own MS LDAP schema and interfaces
>into that schema, in order to make all networks completely reliant on
>its own, native ADS. This will be a "moving target" for Samba.
>
>The key is to _not_ adopt MS services that require those ADS-only schema
>and interfaces -- e.g., MS Exchange, MS SQL Server, etc... Enterprise
>with 10,000+ nodes do _not_ because they do not scale. In the worst
>case, they limit their exposure to them -- "regionalize" or
>"departmentalize" their deployment.
>
>
>
>
How do you get centralized user account management without MS Kerberos?
More information about the CentOS
mailing list