Windows 2000 domain development [was Re: TNG-stable]
Gerald Carter
gcarter at valinux.com
Mon Oct 2 03:47:17 GMT 2000
[Cross posted to samba-technical. Please post follow ups
there. Thanks.]
Mike Brodbelt wrote:
>
> > We haven't even really started on Win2K
> > domains, either, as far as I know.
>
> What are the plans with regard to this? Are there any?
> The mess MS made of Kerberos caused a lot of discussion
> a while ago, but I've heard little since. Is anyone
> working from the MS document on the grounds that
> their position that it is a trade secret is legally
> untenable, or is anyone trying to clean room
> reverse engineer the protocol? Or is it just
> too soon for anything to happen in this arena yet?
Here is my line of thinking.
o First project is to get an AD compatible schema
implemented in OpenLDAP so we can store user account
attributes for Samba. This is only a stepping stone.
o By implementing the previous step, it will be a little
easier to incorporate Samba as a Windows 2000 domain
member.
o The final piece is a UNIX based KDC that knows
about the infamous Windows 2000 PAC.
I realize this is **extremely** simplified. Just a quick
attempt to map development out.
Of course, from a development standpoint, this comes after
the solidified NT 4 domain controller support. We need
a more complete MS-RPC subsystem to move ahead.
btw...Jean-Francois is making progress on porting SAMR
functions from TNG into HEAD. Just a little "Hooray!" for
JF. :-)
Cheers, jerry
----------------------------------------------------------------------
/\ Gerald (Jerry) Carter Professional Services
\/ http://www.valinux.com VA Linux Systems gcarter at valinux.com
http://www.samba.org SAMBA Team jerry at samba.org
http://www.eng.auburn.edu/~cartegw
"...a hundred billion castaways looking for a home."
- Sting "Message in a Bottle" ( 1979 )
More information about the samba-technical
mailing list