[Samba] Samba 4's Embedded Kerberos and LDAP Server

[Matt Proud]

Hello,

After looking into Samba 4's offerings, I am curious about the extent
to which they might render other daemons redundant. I read that there
were some difficulties with respect to OpenLDAP that ultimately
resulted in the inclusion of an internal LDAP server. Now Heimdal
Kerberos V appears to be integrated. To what extent can these embedded
versions replace stand-alone OpenLDAP or Heimdal Kerberos systems, and
to what extend should they? How flexible is Samba 4's LDAP server?

In particular, if I used Samba 4 for Windows authentication, is there
any reason that I should maintain a separate Kerberos and LDAP server
for my Linux clients if I wanted to migrate authentication from some
other directory via PAM and NSS?

As an aside, I can appreciate the integration of these things, but is
this kitchen sink approach necessary when interoperability between the
separate packages could be increased?

Best,

Matt