Samba 4.0 questions
Simo Sorce
idra at samba.org
Sat Oct 29 21:38:05 GMT 2005
On Wed, 2005-10-26 at 11:15 -0700, Krishna Ganugapati wrote:
> I just took a look at the Samba 4.0 SVN - nice to see an integrated
> KDC with an LDAP server. My question is as follows.
>
> 1) Given that a member server (non DC) doesn't run a KDC, I'm assuming
> that at configure time, I get the option whether to build a member
> server or a domain controller - is this the case?
No, our aim is to select subsystems based on configuration, so that no
recompilation is needed.
> 2) The documentation says that you can join a Win2K or WinXP box to a
> Samba 4.0 domain controller, but won't client based secure dns updates
> be broken given that BIND does not support gss TSIG
afaik, there should be some gss-tsig support in latest bind 9, but never
tested that so I can't really comment on the functionality, I'm sure we
will address the problem if still out there on next releases of samba4
> 3) Will the Samba LDAP server
> a) support NT security descriptors?
yes
> b) multiple naming contexts
yes
> c) dynamic schema updates
yes
we will try to be as much compatible to AD Ldap server as needed to be
able to be an AD DC.
> 4) Is the LDAP server a fresh effort or are you leveraging OpenLDAP?
Currently we have a new LDAP implementation that is not based on
OpenLDAP.
Simo.
--
Simo Sorce - idra at samba.org
Samba Team - http://www.samba.org
Italian Site - http://samba.xsec.it
More information about the samba-technical
mailing list