[Samba] Samba AD PDC , LDAP and Single-Sign-On (was: re: Samba Internal DNS vs. BIND_DLZ)

Marc Muehlfeld mmuehlfeld at samba.org
Mon Aug 31 21:08:33 UTC 2015


On 31.08.2015 at 21:21, Jim Seymour wrote:
> The Plan was an AD PDC that used OpenLDAP.  That way: OpenLDAP data,
> replicated to the mail server, could be used for sign-on there, too.

I haven't followed the original thread, so I don't know what was already
discussed there.

If you're talking about a PDC: Yes, you can use OpenLDAP as backend, as
you always could for NT4 domains.

However, you seem to talk about AD, so I think you wrongly mix up PDC
with DC. If you're talking about Active Directory, then you can't use
OpenLDAP as AD backend for Samba in its current state. Nadya is working
on this, but it will still take some time until this is finished. And I
can't say if and how replication between an AD OpenLDAP and a classic
one would work because it requires special stuff.

If interested, see Nadya's SambaXP talk from 2014:


