[Samba] Minimal AD DC server for dev/test setup

Andrew Bartlett abartlet at samba.org
Tue Dec 19 18:09:27 UTC 2017

On Tue, 2017-12-19 at 11:07 -0500, Martin Langhoff via samba wrote:
> About the last question, I'll be reading up on samba-tool. Apologies.
> A better question is: can I run the DC without an attached DNS server? How
> little can I get away with running?
> In my imagination, I should be able to run just the LDAP+Kerberos parts,
> AIUI that's all I need, skipping DNS, fileserving, winbind, etc; blame this
> on my view of AD as a quirky LDAP. Again, scoped for my use cases, which
> are essentially LDAP-connection-and-lookup against the AD-flavored LDAP
> that AD contains.

Yes.  You can set 'server services = ldap' and just run LDAP.  If you
are just doing simple binds you won't even need the KDC.  That should
be enough to keep a web app happy.

Be aware that this configuration isn't tested by the Samba Team, so
watch out on upgrades as we may add a dependency on other services, but
give it a go. 

This certainly should help you test your work against 'AD' without all
that fiddling about with Windows, which I guess is your goal. :-)

All the best,

Andrew Bartlett

Andrew Bartlett                       http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba
