[Samba] Implement Samba4 AD

Matthieu Patou mat at samba.org
Wed Nov 23 12:00:32 MST 2011

On 23/11/2011 14:01, Andreas Moroder wrote:
> Am 23.11.2011 13:00, schrieb Daniel Müller:
>> Hello again,
>> why do you have to change to ADS?
> Because it is hard to manage 700 PCs without grpup policies.
>> And yes samba4 ADS is stable enough to do the job.
>> As to your needs you have to join your Samba3 machines to the new ads.
>> As far as I know there is meanwhile a tool in samba4 to vampire your 
>> samba3
>> nt-domain to samba4.
>> With SOGo/Openchange/Samba4 as addition you can have even your own 
>> Exchange
>> like server.
> we have many other applications ( imp/horde, MRBS, squid and many more 
> ) that authenticate against openLDAP.
Do you need specifically OpenLDAP or any LDAP server should work ?, it 
the fist then it's a blocker if not then Samba 4 DC embed his own LDAP 
server as it's a pillar of the ActiveDirectory infrastructure and should 
be able to work correctly.

Also do they need a special schema ? (squid don't)

For information I've been running a small Samba4 Domain  in production 
(~ 40 users and computers, ~ 15 servers) for more than 3 years now, NTLM 
auth with squid is working like a charm, mschapv2 for Radius is working 
well too.
We are also doing alias and mailbox resolution with postfix and the 
postfix ldap backend.
> For us it is very importatn that that continues to work.
Depending on your budget you might be interested to contract with some 
company who employ samba-team members for some support.
> Bye
> Andreas

Note: I put your thread in the samba-technical as most Samba4 question 
are welcomed on this list.


Matthieu Patou
Samba Team

More information about the samba mailing list