>> Take my advice: >> yum erase samba == uber happiness >> >> Get ldap working, no interop issues with the old samba version in rhel and >> newer ms servers. Plus you will be using something forward compatible that >> a txt edit could likely fix in the event something drastic changed in the >> schema and search filters for example had to change. > > +1 > > We've been using nss_ldap against AD for years. It's never a problem. > > Jeff > _______________________________________________ > > Version 3.4.5 of Samba did end up resolving the issue I was having and now AD users can login to the box. I am however interested in going the LDAP route mainly for the forward compatability reason stated by Jeff. Is there anything special I need to do on the DC for the LDAP authentication to work? > Do we lose kerberos security if one switches from samba + winbind to ldap?