[Samba] Active Directory to OpenLDAP+Kerberos on Linux

Akshay Guleria akshay.guleria at gmail.com
Fri Oct 14 03:56:39 GMT 2005

> > My readings of the docs is that while Samba can't be a DC in an AD
> > domain, there is nothing to stop it from being a DC in an LDAP/Kerberos
> > domain.
> You can setup Samba3 to honour an MIT kerberos realm (getting the
> clients to function is a different matter, but possible).  You can also
> have Heimdal backed onto Samba3's LDAP database, which you can populate
> with the vampire tools.  And yes,, the goal of Samba4 is to host an
> AD-like domain, using the AD protocols.

so, as i understand this, one can setup samba+MIT kerberos to achieve
authentication and file & print services just like AD does. Right!?
so, whats the challenge here? -
1. migrating the data from AD to LDAP.  munging the passwords and then
importing it in LDAP.
2. do i need to re-join the clients to the samba domain. !?
3. for the time being, i think incporporating DNS, DHCP like AD does
is out of the scope of our discussion.

Haven;t found any thing on web that can help me setting this kind of a
thing. Can you please point me to such a documentation.


More information about the samba mailing list