Salt below appropriately to the fact that I have only looked at using these, I have not yet done the implementation I want to do. > -----Original Message----- > From: centos-bounces at centos.org [mailto:centos-bounces at centos.org] On > Behalf Of Jeff Boyce > Sent: Wednesday, April 27, 2011 14:54 > To: centos at centos.org > Subject: Re: [CentOS] User accounts management for small office > > The opinions both for and > against > OpenLDAP have made me take a little closer look at it, but my > conclusion is > that it is more cumbersome than what I really want to handle right now > for > the size of the network. I have looked closer at Samba/Wins/Winbind, > etc. In the LDAP arena 398  looks to me like it should ease a) the mysteries of configuring LDAP, and b) integrate with AD. 389 is in EPEL. > and it looks like the main source of my current problem is that my > Samba > network is setup now as a Workgroup and not as a Domain. I didn't > understand that difference when I ran across the quote I included > above. It > looks like if I change to a Domain and configure it properly with > Wins/Winbind that I should be able to have the single point password > changing option occur from the Windows desktop. I am now re-reading > sections of my copy of the Definitive Guide to Samba 3 which should > help me > (although it was published before Vista and 7, which all my > workstations are > now). > You may also want to look at the samba Franky which could get you enough of samba4 to (from what I understood and want it for) become the full PDC for the windows system, but it is as the name suggests a monster.  https://wiki.samba.org/index.php/Franky https://wiki.samba.org/index.php/Main_Page#Franky https://wiki.samba.org/index.php/Combined_build_issues  http://directory.fedoraproject.org/ In any case, when you get something working, I would like to see the success story here.