Samba/Samba-TNG and LDAP/PDC State?
Buchan Milne
bgmilne at cae.co.za
Fri Nov 30 02:11:13 GMT 2001
Most of your questions have been answered, I just have one or two comments:
>Message: 13
>Date: Thu, 29 Nov 2001 10:34:23 -0500 (EST)
>From: Michael Cunningham <archive at xpedite.com>
>To: samba-ntdom at lists.samba.org
>Subject: Samba/Samba-TNG and LDAP/PDC State?
>
>Hiya,
>
>I am working on converting my entire company over
>to using LDAP for all system authentication and information
>storage such as address info..etc. The unix portion
>of the new system is working well. I now need to figure
>out what is the best solution for our windows community.
>
>It consists of 400+ win95/98/ME/NT 4.0 and most likely soon..
>Windows XP. Their are many domains throughout the company
>and no real standards. We plan on putting all systems in
>one or two main domains and implementing many corporate standards.
>In order to accomplish this.. I would like to use Samba/Samba-TNG
>to authenticate everything off our LDAP system and have the capability to
>do the following.. (according to my PC guys... I am a Unix guy)
>
> - PDC functionality
> - Replication of SAM database/SID from PDC to BDC
>
Why do you need a BDC? BDC's are only required for systems where you
expect the PDC to go down. There are also other means of accomplishing
failover PDC functionality.
>
> - login script support/replication
> - Supports trust relationships between domains (NT or samba)
>
Samba does not support trust relationships yet. But if you keep
smbpasswd's in LDAP, you can have trust-relationship-like functionality
between samba servers.
> - Supports global and local groups
>
Not for clients, but if you can store all files on samba servers, unix
groups are available.
>
> - Ability to add and remove machine from the domain
>
samba-2.2.2 supports WinXP. Not sure about TNG
>
> - Store SAM database/SID in LDAP?
>
There are patches for samba-2.2.2 that do this, don't have a link hany
now, but it should be in the archives.
>
> - Wins server capability
> - Able to to support roaming profiles
> - Will allow all avaliable versions of windows to join/access the
> domain.
>
>What is my best choice.. Samba or Samba-TNG?
>
>I have done a ton of reading about both products but nothing seems to
>compare and contrast them. Any infomation you can offer will help
>make this critical crossroad decision.
>
The other thing is that samba suports ACLs on ACL capable filesystems
(notably XFS, or ext with patches), which TNG does not. This should be a
further concern or your pc guys.
--
|----------------Registered Linux User #182071-----------------|
Buchan Milne Mechanical Engineer, Network Manager
Cellphone * Work +27 82 472 2231 * +27 21 808 2497 ext 202
Stellenbosch Automotive Engineering http://www.cae.co.za
More information about the samba-ntdom
mailing list