07-17-2006, 02:36 PM
|
#1
|
|
LQ Newbie
Registered: Jul 2006
Posts: 4
Rep:
|
Replacing a Windows Domain Controller with a Linux: OpenLDAP importing from Windows AD
I am trying to import Active Directory data from a Windows domain controller into an OpenLDAP server. The goal is to replace the Windows DC with a Linux server. I have searched around on the web and not found a blog/walkthru/cookbook post on how to do this. It seems like a common task. If OpenLDAP is not the right product, please tell me the right one and point me at a walkthru.
This needs to support 2K data (i.e. group policy), not just the NT 4 Domain controller functions.
As an alternative, if there is a way to create group policy within a Linux-based system Domain Controller, that would be sufficient for a proof of concept to the boss for getting Linux to replace Windows as a server. And I can manually recreate the group policies in the Linux environment. The critical thing is that it needs to work without installing new stuff on the client. Again, please point me at a walk thru for doing this (or post one as a reply).
|
|
|
|
07-17-2006, 09:09 PM
|
#2
|
|
Senior Member
Registered: Sep 2004
Distribution: (Home)Opensolaris, Ubuntu, CentOS, (Work - AIX, HP-UX, Red Hat)
Posts: 2,043
Rep:
|
If I remember right, Group Policies are only valid for Windows 2000 servers and Windows 2003 Server. Microsoft uses their own modified LDAP software.
As for the transfer of users, you may want to look into replicating information. It may be able to be done. OpenLDAP will be your best bet, though. Try this; it may help.
http://enterprise.linux.com/article....id=101&tid=100
|
|
|
|
07-24-2006, 07:46 PM
|
#3
|
|
LQ Newbie
Registered: Jul 2006
Location: Fairview Heights, IL
Distribution: Fedora
Posts: 6
Rep:
|
Quote:
|
Originally Posted by mstevensfullarmor
This needs to support 2K data (i.e. group policy), not just the NT 4 Domain controller functions.
|
You'll need Samba 4 (currently in development) for that.
|
|
|
|
07-26-2006, 03:27 PM
|
#4
|
|
LQ Newbie
Registered: Jul 2006
Posts: 4
Original Poster
Rep:
|
Folks,
Thanks for the suggestions. Samba-4 is still too early in development to be useful. I haven't yet gotten OpenLDAP to be able to import a Microsoft schema. There are a number of variances from the spec (some of which M$ documents) and thus the core.schema is not able to be used. No one seems to have successfully replicated AD with group policy with OpenLDAP.
|
|
|
|
07-26-2006, 09:14 PM
|
#5
|
|
Member
Registered: May 2006
Posts: 33
Rep:
|
Man,
This is my opinion and strictly my opinion. If I were your boss I wouldn't feel comfortable with replacing such a critical part of my technology infrastructure with a technology that my staff doesn't feel comfortable supporting. I'm not sure how large your environment is, but that is a really risky migration, especially if you're not totally comfortable with it.
NOW, with that said, I'll admit, when I read the opening post, I was very intrigued. I've been sysadmin'ing Windows environments for a while now and just recently dived into the Linux swimming pool. The more I use it, the more I am amazed at what it can do (particularly the Samba technology!)
Good luck with your project, definitely keep us posted on it.
|
|
|
|
07-26-2006, 10:48 PM
|
#6
|
|
Senior Member
Registered: Sep 2004
Distribution: (Home)Opensolaris, Ubuntu, CentOS, (Work - AIX, HP-UX, Red Hat)
Posts: 2,043
Rep:
|
After reading zer0hmz's post, I say that he made a rather good point. This is going to be done in a test environment first, right? I personally never do things in a live environment before it is tested, retested and I am happy with the results.
|
|
|
|
07-27-2006, 09:26 AM
|
#7
|
|
LQ Newbie
Registered: Jul 2006
Posts: 4
Original Poster
Rep:
|
Yes folks, test environment first. I have a small separate net that I am going to clone the Windows server on, remap machines in a slow progress to check scaling. Proof of Concept first, then cut over. Linux to Linux I understand, Linux to Windows Server is well documented, Windows to Windows works (but crashes far too often). But putting the Linux box in its proper role (IMHO) as the reliable invisible server has so far eluded me. Linux+Apache is far superior to Windows+IIS. Old Samba as a file server works well. It's the AD functions that elude me.
|
|
|
|
09-09-2006, 11:47 AM
|
#8
|
|
LQ Newbie
Registered: Sep 2006
Posts: 1
Rep:
|
Hello, maybe this will help you, but you have to pay...
h??p://nitrobit.com
|
|
|
|
09-11-2006, 01:23 PM
|
#9
|
|
LQ Newbie
Registered: Jul 2006
Posts: 4
Original Poster
Rep:
|
Thank you so much for the pointer. It looks promising. It is not free, but sometimes pay solutions that leverage open source are the best option. It uses OpenLDAP on the back end.
|
|
|
|
08-27-2009, 04:41 AM
|
#10
|
|
LQ Newbie
Registered: Mar 2004
Location: India
Distribution: Red Hat Linux 9(Shrike)..right?
Posts: 2
Rep:
|
Hey, any updates on this thread?
I am trying to do the same thing and found something worth having a look at: OpenLDAP with Linux and Windows
|
|
|
|
01-26-2012, 05:08 PM
|
#13
|
|
LQ Newbie
Registered: Jan 2012
Posts: 1
Rep: 
|
Have you looked at Resara Server? It's a free/open source Linux domain controller based on Samba4. It's been around for a year now and seems to be developing a following.
|
|
|
1 members found this post helpful.
|
02-08-2012, 04:54 PM
|
#14
|
|
Senior Member
Registered: Nov 2006
Location: California
Distribution: Fedora , CentOS , Solaris 10, RHEL
Posts: 1,763
Rep: 
|
|
|
|
|
02-15-2012, 06:05 PM
|
#15
|
|
Member
Registered: Jul 2009
Posts: 487
Rep:
|
Quote:
Originally Posted by otaku1
|
This works best... but why would you want to do this? Windows AD with group policy and other management tools is better but less stable than Linux acting as AD server. So why do this when you can simply use Samba and authenticate against Windows AD?
|
|
|
|