KDC built in or out of smbd

Andrew Bartlett abartlet at samba.org
Thu Dec 1 20:47:19 GMT 2005 

On Thu, 2005-12-01 at 14:52 +0100, Lukasz Stelmach wrote:
>  Byla godzina 20:21:57 w Wednesday 30 November, gdy do autobusu wsiadl kanar
> i wrzasnal:"Stefan (metze) Metzmacher!!! Bilecik do kontroli!!!" A on(a) na to:
> 
> > Krishna Ganugapati schrieb:
> > >Andrew,
> [...]
> > Or you can write your own process model module....
> > 
> > But at least when you want to be act as a AD Domain Controller, you need 
> > the LDAP-Server, the
> > KDC-Server, the SAMR-DCERPC module, the auth_sam module to access the 
> > sam.ldb,
> > witch is the LDAP-like database that stores the AD tree.
> > 
> > If you have any questions please ask:-)
> 
> Will I have to switch from OpenLDAP server to samba's one when Samba4
> becomes real. Let them, samba and openldap, be on the same machine.
> But will the Samba4 LDAP server be "a must" or just an option
> for those who havent LDAP already and want it just to run Samba
> and don't think (at least for "now") about using it for other unix
> services?

Sadly, windows expects the LDAP server on the LDAP port to be AD-style.
So, while I hope to have a mode whereby Samba can 'back' onto another
LDAP server, it can't be on the LDAP ports of the Samba DC's primary IP.
(It could be bound to an alias).

One possibility I've been hoping might work is an NT4 mode, backed onto
an LDAP database in Samba3 format, and only providing Samba3 network
services.  We have some bits of the puzzle, but this is still an area in
which we need to do a lot of work.

Andrew Bartlett

-- 
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Student Network Administrator, Hawker College  http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20051202/e3c2db9c/attachment.bin

More information about the samba-technical mailing list