[Samba] AD in Samba 3

Harald Milz milz at seneca.muc.de
Tue Dec 7 19:46:32 GMT 2004


David Hargreave <davidh at fdk.com.au> wrote:
> Samba 3 based solutions cannot provide the following enterprise 
> services used by  the most recent releases of Microsoft products (XP, 
> Office 2003 etc)

A good example is the German Parliament - who gives a damn about this
AD featuritis, and they have 6000+ IT seats. ... You should discuss with
your management what you actually need. If all you need is NT4
functionality, Samba is Just Fine [TM].

Before anybody asks your management, come up with a suggestion for software
distribution and patch management for your XP machines. There are several
options that do work on Linux but SMS isn't one.  

> 1.  Active Directory Server support for Microsoft desktop operating 
> systems  and desktop applications ? some features will not be available 
> in office etc  without AD.

Correct - but do you need them? If you don't use M$ Exchange there is
little actual need for AD. 

> 2.  Group Policy Objects ? assist in reducing the effort required to 
> maintain a  secure network.

Which is more a question of your security policy than of M$ offerings. 

> 3.  Machine Policy Objects ? assist in reducing the effort required to 
> manage  the user desktop and workstation environments.
> 4.  Logon Scripts stored in Active Directory ? provides a single point 
> of  management for all critical user resources.

As do login scripts stored on a Samba server. This is a silly one. 

> 5.  Software Application and Access Controls in Active Directory ? 
> provides a  single point of management for all network security 
> settings.

Again - what are your actual security requirements. Don't buy (and pay!)
something you don't need. 

> 6.  Out of the box automated distributed directory services ? allows a 
> single  team to remotely manage servers and workstations in branch 
> offices and  provides disaster recovery capabilities.

...

Don't let these consultants bully you. Apparently, they do have a clue
about Windows and AD but ask them if they understand your actual needs. 

-- 
Signs of crime: screaming or cries for help.
		-- from the Brown Security Crime Prevention Pamphlet


More information about the samba mailing list