[Samba] Using debian as backup authentication for win2003 AD server?

Mike Fedyk mfedyk at matchmail.com
Fri Sep 10 08:10:43 GMT 2004

Right now, I have one win2003 server running AD, and all of my (debian)
linux servers authenticating against an openldap server with libnss-ldap
(but not libpam-ldap).

After doing a little research[1], it looks like I can easily install
libpam-krb5 point it at the win2003 server, and use that for password
verification, but that brings up another issue.

Can I setup a linux based system to act as a backup kdc to the win2003
server?  Or should I just setup the kdc and ldap servers on linux and
have the windows machines authenticate against that?

Also, what about krb5 and heimdal?  Both are available in debian, but
why would I want to use one or the other?

Opinions, tips and links welcome.



More information about the samba mailing list