On Sun, 2005-07-17 at 22:03 +0800, Feizhou wrote: > Are you saying that Samba can emulate ADS DCs? Yes and no. Yes, Samba 3.0 can provide ADS DC functionality such as: - Authentication (including full MS Kerberos as KDC**) - Naming (DNS SysRecs, NetBIOS/WINS, etc...) - Basic ADS Schema for DCs in LDAP This includes: - Samba 3.0 being a "member server" to native Windows DCs [ **NOTE: IIRC, Microsoft's Kerberos can one-way trust to UNIX Kerberos Realms without issue. But going the opposite way, that's where the MS Kerberos modifications were required. Hence how Samba 3.0 can be a member server in a native Windows DC ADS setup, or even completely emulate the ADS DC authentication facilities in the absence of any Windows DCs and it controls the ADS network. ] But no, Samba 3.0 cannot: - Handle extensive, ADS-centric Schema (e.g., Exchange) and interfaces - Be a DC to other, native Windows DCs These are likely _never_ to happen (especially the first one). -- Bryan J. Smith b.j.smith at ieee.org --------------------------------------------------------------------- It is mathematically impossible for someone who makes more than you to be anything but richer than you. Any tax rate that penalizes them will also penalize you similarly (to those below you, and then below them). Linear algebra, let alone differential calculus or even ele- mentary concepts of limits, is mutually exclusive with US journalism. So forget even attempting to explain how tax cuts work. ;->