Linux - SoftwareThis forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Im intersting on Running a Active Directory Server on Fedora Core 3/4.
Im sure that there is some software that does this but just cant recollect the name.
Any clue'es any one.
PS i dont want to authenticate a linux client using Windows AD server i want the AD server to be on the linux machine itself.
Active Directory is a propriertory microsoft technology which certainly wont run on Linux (unless your a highly skilled WINE guru with a huge amount of time on your hands & scant regard of copyright law).
Samba can function as a domain controller, providing native authentication services for a windows client but it's feature set is more akin to NT4 than AD - there's a lot missing compared to AD: group policy & the whole forest/domain thing, to name a couple off the top of my head, but there's a lot more.
If it wasn't Samba and the IBM guy was demonstrating some fancy management features, etc, then if may have been some novell software he was showing you: I know v. little about it, but my understanding is that it can authenticate windows clients and has some pretty nifty management functions to boot: probably more akin to AD than Samba. It aint free though and migrating your network to novell would be no trivial undertaking.
quiffhanger is right. Here is some more information. The current release version of Samba is 3. The Samba project is trying to get (some) AD support into Samba 4. The Samba documentation is located here.
Samba can act as a LanManager (NT4) domain controller if all of the other domain controllers are also Samba. Samba cannot act as a domain controller if any genuine Microsoft domain controllers exist.
In all other respects Samba emulates LanManager (NT4) networking. It provides the System Message Block (SMB) file sharing protocol. This protocol was invented by IBM; it is not a Microsoft product. SMB is much more robust than NFS. IMO you would do well to use Samba SMB protocol for file shares even in a pure Unix/Linux environment.
The last thing about Samba is that it not only allows you to set permissions on shares, like in LanManager, but you can also add Unix file permissions on the files in the shares. That is also true of Windows, but some people are impressed when you mention it.
Im intersting on Running a Active Directory Server on Fedora Core 3/4.
Im sure that there is some software that does this but just cant recollect the name.
This was a very helpful thread, so thanks to all who have posted so far. I am looking to replace a Windows 2000 Active Directory server with a Linux solution. The clients that will need authentication include Windows XP and Mac OSX (nothing older than that). I also running a few servers based on Fedora Core 4.
From what I gather Samba 3 sounds like a way to go, maybe the way. Is Samba all I need or do I also need LDAP? I read somewhere that OpenLDAP does not authenticate Windows XP users. I don't know if this is true or not.
I also have found an LDAP server called Fedora Directory Server which caught my eye because my servers are using Fedora. I basically am looking for some confirmation on my logic (or correction) and a few links on where I should go from here.
I am down to just two Microsoft servers at this point, one for VPN and this one for user authentication. I'm getting close!
There is no one stop solution to replacing AD with Linux, however, I have read many articles which use DHCP, DNS, LDAP, and Samba which emulates most of the AD features. Don't quote me on this, but I believe the policies, etc can be done with LDAP, the filesharing is with Samba, and the DHCP and DNS work like the forests.
Thanks scheidel21, My further research has indicated that going Samba 3-only is not what I am looking for. I need to include LDAP in the mix. I am not too interested in setting up the forests at the moment but running DNS and DHCP on the same machine seems logical for other reasons.
You mentioned that you have read some articles on setting this up. Would you please recommend one?
There is no one stop solution to replacing AD with Linux, however, I have read many articles which use DHCP, DNS, LDAP, and Samba which emulates most of the AD features. Don't quote me on this, but I believe the policies, etc can be done with LDAP, the filesharing is with Samba, and the DHCP and DNS work like the forests.
For those who don't mind paying.... there IS Novell's eDirectory and Zenworks which is a VERY nice (IE. far superior) replacement for AD. And it all can run on SuSE (and to some extent Redhat).
Group policies, fileshares, DHCP/DNS, remote workstation control, single sign-on plus ALOT more..... there's also Groupwise for mail, clients and server for linux.
I have been playing with eDirectory on my home network. It is Very Nice. You can Down load a trial version of the Novell OES on novells website it includes eDirectory. Give it a try if you like Purchase the full version, Ithink it will be well worth the money
While the advantages of eDirectory over AD are vast, one point to mention is that you can run eDirectory on Linux,Netware,AIX,Solaris, and even Windows. AND you are NOT required to use a PC running Windows to take advantage of eDirectory (although you can).
I appreciate the alternative suggestion. My setup is required to scale from 20 users up to about 40. So I think I'm going to stick with an OSS solution for now.
Does anyone have any suggestions on where I can go to read a comprehensive tutorial for setting up a LDAP/Samba server?
Thanks ziox, I'll check that out. I haven't spent much time looking into this since my last post, but its something that I can only put off for so long.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.