[Samba] samba as a dc in a windows ad
Sketch
smblist at rednsx.org
Wed Jun 15 12:57:46 UTC 2016
On Tue, 14 Jun 2016, David Bear wrote:
> I couldn't readily find this answer to this question but can samba act as a
> member dc along side windows running the domain? This would be a samba as a
> 'secondary' domain controller.
You can, as long as your windows DCs are not newer than 2008 R2. I think
the only real caveat is with sysvol replication. DRS replication is not
supported, so you'll have to use rsync or similar. See the Sysvol section
here:
https://wiki.samba.org/index.php/Join_an_additional_Samba_DC_to_an_existing_Active_Directory
> Why would I want to do this? I am thinking of putting samba on the outside
> of the firewall acting as a RO DC and providing ldap authentication to web
> applications.
You may need a fairly recent version of Samba for this. I believe RODC
support is somewhat of a work in progress, but it looks like it's mostly
complete now. I'm not sure as of what version this was the case...
https://wiki.samba.org/index.php/Join_a_domain_as_a_RODC
More information about the samba
mailing list