On Sun, 2005-07-17 at 09:13 -0500, Bryan J. Smith wrote: > But no, Samba 3.0 cannot: > - Handle extensive, ADS-centric Schema (e.g., Exchange) and interfaces > - Be a DC to other, native Windows DCs > These are likely _never_ to happen (especially the first one). But the good news with Samba 3.0 is that it _can_: - Be a BDC or PDC to native Windows NT 4.0 PDC or BDCs - Completely emulate all CIFS/PDC functionality In other words, you can replace _all_ NT 4.0 PDCs and/or BDCs with Samba 3.0. You can even put in a Samba 3.0 instance as a BDCs, then promote it as a PDC with virtually no issue -- getting rid of any NT 4.0 requirement on your network. You can then enable the ADS functionality, and have a network that looks like an ADS domain from the Windows clients and even native Windows member servers. But no, it won't work with Windows services that extend the schema (e.g., Exchange) and not, it won't replicate with native Windows DCs. How you address that -- either making your UNIX network native Windows ADS' bitch, or segment the UNIX and Windows networks, and use facilities to synchronize passwords, schema, etc... (be they free or various commercial utilities) -- is up to you. But Samba on its own is _not_ an "enterprise directory solution." It is just the facility by which various Windows interfaces and services are supported. Even it still relies on external LDAP and Kerberos mechanisms for schemas/store and authentication/store, and you should remember that those LDAP and Kerberos mechanisms can be used for _real_ UNIX capabilities outside of just Samba. E.g., there are ways to store various, former NIS maps in LDAP (such as NFS automounter maps), as well as authentication UNIX systems _directly_ with Kerberos. Sometimes people get so focused on Samba, and using 2nd or even 3rd compounded services upon compounded services through Samba -- they forget to use the native UNIX service. E.g., authenticating UNIX/Linux users with NTLM, instead of just using Kerberos. -- Bryan J. Smith b.j.smith at ieee.org --------------------------------------------------------------------- It is mathematically impossible for someone who makes more than you to be anything but richer than you. Any tax rate that penalizes them will also penalize you similarly (to those below you, and then below them). Linear algebra, let alone differential calculus or even ele- mentary concepts of limits, is mutually exclusive with US journalism. So forget even attempting to explain how tax cuts work. ;->