I have a simple samba network serving file/print to linux/win users and would like to add domain authentication, not because it's necessarily needed, but I would like to learn more about it.

I would like to use LDAP for authentication, Debian is the preffered OS.

So far I've found these free alternatives :

openLDAP
Fedora Directory Server

Also , someone tipped me of Solaris, shout if you have any thoughts about it

Just saying, my experience with domain authentication is next to none, so any comments would be appreciated !

The ideal result is a network with centralized login, roaming profiles, and all home directories/printers being accesible to the right users no matter where they logon from.

Please, Talk to me ppl

check out my website listed below, it has information on setting up samba, openldap and lam as a PDC, as well as many other things to do with setting up servers, also if your using Fedora core 5 try one of my server setup scripts

http://www.geocities.com/evilperson85/serversetup/

it is so simple to setup samba as a PDC using this script. just download and run.

http://www.yourhowto.org/content/view/42/9/ - Samba Primary Domain Controller with Group Policies

http://www.yourhowto.org/content/view/30/9/ - OpenLDAP + LAM + Samba as PDC

you can use samba as a PDC for your windows machine and openldap as a central sign on place for your linux machines, that way when a user signs into linx there password and home directory are the same as if they had signed into a windows machine.

The scripts look like a highway to PDC indeed However , I really really prefer Debian.. I'm looking into your links now, very informative ! Do you know if these solutions will fully replace Active Directory (Like Fedora Directory Server seems too) ?

Thanks for the reply

well i don't know what you mean by Fedora directory server seams to ... i must admin i havn't looked at fedora directory server too much, when i first started looking into LDAP that was the LDAP server i used, but i found openldap with a web interface to be easier to use, but as far as i know Fedora Directroy Server has no advantages in the PDC field to openldap.

If someone disagrees or can tell me that it really does emulate a Active Directroy domain Controller, i'd really like to hear what you have to say!

Has anyone had the experience joining a Linux Web Server to a Windows Active Directory network?(ADUC). The Web server will be used for a serving web pages to a business intranet. My initial thought is to join the server to the domain... I am in the fact finding phase. Anyone have any initial thoughts.

I just finished setting up my companies first Primary Domain Controller (PDC) using Samba on Debian (Sarge). I ran into several problems and just about lived on LQ for several weeks before finally figuring out it was a problem with DNS. I have learned more about samba in the past few weeks then I ever knew about Windows Active Directory. This is the place to come for answers. I'll try to provide a few that I have learned recently.
If you already have samba up and running, it won't take much to make it into a PDC for domain authentication. Most of the texts that I've read on the subject point out that if you want to use multiple domain controllers, then you need LDAP to share the users database. If not, don't worry about LDAP for now and focus on bettering your understanding of Samba.

If you are not setting up a corp domain and this is just a learning experience for you, just modify your existing /etc/samba/smb.conf to be a domain controller instead of a standalone server. This site - http://us5.samba.org/samba/ - has the first HOW TO that you need for setting up different types of samba servers. I highly recommend starting there (the same advice for you, morabitob ). If the HOW TO on that site doesn't get you up and running, come back here and post your /etc/samba/smb.conf file.

Good luck!

P.S.
One tip I got from that site is to create a /etc/samba/smb.conf.master file, make all edits & notations in it and use to create the smb.conf file. Try it and see.