[Samba] Differences: ADS vs Samba-3 controlled domain

Axel Thimm Axel.Thimm at ATrpms.net
Tue Nov 9 09:18:28 GMT 2004


what are the essential differences between a Samba 3 controlled domain
(thus an NT4-legacy domain) vs an ADS Microsoft controlled domain?

AFAICT single-sign on, common password backends etc. can be modelled
with LDAP & KRB. Without ADS I cannot use some Microsoft GUIs to
add/edit/remove users/printers/file shares. Also deploying group
policies seems to be harder.

What are the true reasons for going ADS, and what can be done against
it? ;)

And what are blockers for a Linux/Unix environment to go ADS? Is LDAP
scripting with ADS as easy as with OpenLDAP for instance? Can I place
all my NIS schemes onto ADS' LDAP, or will I stumble over proprietary

Background: A medium sized educational facility (order 1000 nodes and
users) considers consolidating Linux and Windows >= 2000
authentication services and the Win-fraction praises ADS for it, while
the Linux fraction shivers with the idea of having the most important
piece of security lost to a black box ...

Axel.Thimm at ATrpms.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba/attachments/20041109/569d3f81/attachment.bin

More information about the samba mailing list