[Samba] PDC BDC should I or shouldn't I?

[Buchan Milne]

> Message: 1
> Date: Thu, 18 Jul 2002 09:51:07 -0400
> From: Quenten Griffith <qgriffith at edm1.com>
> To: samba at lists.samba.org
> Subject: [Samba] PDC BDC should I or shouldn't I?
> 
> Hello everyone  I hope this is the right place to post this question.  I 
> have all but eliminated all Microsoft servers in my current work 
> environment, expect two boxes, which are our PDC and BDC, they also are 
> the DNS, Dial in With Rocket Port Card, DHCP, Winslookup servers.  I 
> would like to remove these NT boxes and replace them with a nice shiny 
> new Linux box running Samba.  Reading some of the FAQ's on samba.org 
> about PDC and BDC has me a bit worried and wondering if I should wait 
> till version 3.0 of Samba is released.  Since I saw in one documentation 
> that PDC will be fully enabled in that version.  I am wondering if any 
> one has and success or horror stories with setting up a PDC with Samba. 
>  My co workers will need to be able to do the following;

We started out with a samba PDC, and we are currently in the process of 
adding a BDC, which will be done via LDAP. We have migrated our PDC to 
use LDAP, but need to finish up integration of user and machine addition 
with LDAP.

> 
> Log in from WIN98, WIN2K, NT 4.0 (and maybe at some point XP) *I am 
> afraid I will never be able to switch workstations to Linux and I am 
> stuck with Windows Products*

Well, getting your servers moved to linux makes it a lot easier to 
migrate desktops, since they can use NFS instead of smbfs.

> 
> Change their password when it expires (with out having to log in to a 
> linux box)

Changing the password is no problem, I have just had problems with the 
password then no being unexpired ....

> 
> Map Drives and of course access them.
> 

No problem.

> Have Roaming Profiles

No problem.

> 
> Share Printers that are hooked up to Jet Directs
> 

No problem.

> Add new machines to the network with out me having to do anything on the 
> Linux box (such as with Win2k when you assign a new machine to the 
> network you give it the domain controller and your username and password 
> and it will add to it)

With samba using LDAP for password storage, any domain admin can add a 
machine. Using an smbpasswd file, you have to have a root account, which 
must be used when adding users or machines to the domain.

> 
> I will take care of adding new users when they come along or write a 
> script that does everything automaticly.  I will also need the box to be 
> able to talk to a BDC and sync up with it.  Which will be another Samba 
> box.  I see this though in one of the FAQ's
> 
> "These things are not expected to work in the foreseeable future:
> 
>     *
> 
>       Trust relationships
> 
>     *
> 
>       PDC and BDC integration"

This refers to integration with Windows PDC/BDCs.

> 
> Which worries me a little.  If anyone can provide good feedback such as 
> should I wait till version 3.0 of Samba comes out to try this or is this 
> not doable yet or good documentation or books on this subject I would 
> appreciate it.  I plan on using 2.2.5 version of Samba to try this. 
> Thank you for your time, and if this is the wrong place to post this I 
> apologize.

2.2.5 should work acceptably for your purposes, but only with samba 
storing accounts in LDAP (since with smbpasswd you can not set the RID, 
so permissions on the desktops will be stuffed.

Buchan.

-- 
|----------------Registered Linux User #182071-----------------|
Buchan Milne                Mechanical Engineer, Network Manager
Cellphone * Work            +27 82 472 2231 * +27 21 8828820x202
Stellenbosch Automotive Engineering         http://www.cae.co.za
GPG Key                   http://ranger.dnsalias.com/bgmilne.asc
1024D/60D204A7 2919 E232 5610 A038 87B1 72D6 AC92 BA50 60D2 04A7