Windows 2000 domain development [was Re: TNG-stable]

Gerald Carter gcarter at valinux.com
Mon Oct 2 03:47:17 GMT 2000


[Cross posted to samba-technical.  Please post follow ups
there.  Thanks.]


Mike Brodbelt wrote:
> 
> > We haven't even really started on Win2K 
> > domains, either, as far as I know.
> 
> What are the plans with regard to this? Are there any? 
> The mess MS made of Kerberos caused a lot of discussion 
> a while ago, but I've heard little since. Is anyone 
> working from the MS document on the grounds that
> their position that it is a trade secret is legally 
> untenable, or is anyone trying to clean room 
> reverse engineer the protocol? Or is it just
> too soon for anything to happen in this arena yet?

Here is my line of thinking.  

  o First project is to get an AD compatible schema 
    implemented in OpenLDAP so we can store user account 
    attributes for Samba.  This is only a stepping stone.

  o By implementing the previous step, it will be a little
    easier to incorporate Samba as a Windows 2000 domain 
    member.

  o The final piece is a UNIX based KDC that knows 
    about the infamous Windows 2000 PAC.

I realize this is **extremely** simplified.  Just a quick
attempt to map development out.  

Of course, from a development standpoint, this comes after 
the solidified NT 4 domain controller support.  We need
a more complete MS-RPC subsystem to move ahead.  

btw...Jean-Francois is making progress on porting SAMR
functions from TNG into HEAD.  Just a little "Hooray!" for
JF.  :-)






Cheers, jerry
----------------------------------------------------------------------
   /\  Gerald (Jerry) Carter                     Professional Services
 \/    http://www.valinux.com  VA Linux Systems    gcarter at valinux.com
       http://www.samba.org       SAMBA Team           jerry at samba.org
       http://www.eng.auburn.edu/~cartegw

       "...a hundred billion castaways looking for a home."
                                - Sting "Message in a Bottle" ( 1979 )






More information about the samba-technical mailing list