Share your knowledge at the LQ Wiki.
Go Back > Forums > Enterprise Linux Forums > Linux - Enterprise
User Name
Linux - Enterprise This forum is for all items relating to using Linux in the Enterprise.


  Search this Thread
Old 02-10-2013, 01:38 AM   #1
Registered: Jul 2004
Location: UAE
Distribution: RedHat
Posts: 93

Rep: Reputation: 15
Coexistance of SAMBA4 with Windows 2008 R2 as ADC


I've deployed SAMBA4 as ADC in our existing domain ( where we have MS 2008 R2 as PDC. As the SAMBA4 joined the windows domain, all data in AD got replicated to SAMBA4. We are planning to authenticate zimbra users and similar LDAP aware applications thru SAMBA4 so that we can save the licenses (Licensing costs involved when a user getting authenticated thru AD) of those users.

Now my question is ...

I would like to co-exist MS 2008 server and SAMBA4 for a few years and later do away with windows server.

My SAMBA4 appears as an ADC in windows 2008 server.The server having been seen in Windows server, will it attract any Licensing costs to Microsoft??

Any documentation available to prove that, the above mentioned deployment is free of License costs ??

Awaiting your valuable reply,

Jomy Mathew
Old 02-10-2013, 06:29 PM   #2
Ser Olmy
Senior Member
Registered: Jan 2012
Distribution: Slackware
Posts: 2,906

Rep: Reputation: Disabled
There are two different licenses involved here: Server Licenses and CALs (Client Access Licenses).

A Windows DC needs a licensed copy of the Windows 2008 R2 operating system, the server license. This requirement is unaffected by other license requirements in your network. The Samba DC does not require such a license, as it is a GPL implementation of the SMB/CIFS and AD protocols.

In addition, a client accessing a server needs a CAL. There was a time when a CAL was only needed for clients specifically accessing file or print services (up to and including Windows 2000, I believe), but the current licensing rules demand that every connection to a Windows domain needs a CAL (tied to either the device or the account of the logged-in user). You should definitely read the fine print on your license agreement to verify this.

Since CALs are tied to either a device or a user account, one would think that simply adding another server (Windows or Samba) to the network should not affect the required number of CALs. But here's where it gets slightly murky: since a Samba DC is a domain member accessing AD on the Windows server for replication and authentication purposes, one might argue that each Samba server will need a CAL to join a domain with Windows DCs.

It all depends on how Microsoft defines a "client", but I know for a fact that joining a Windows server (DC or member server) to a SBS 2003 domain consumes a CAL. This could of course be specific to the SBS license model. You will need to check the fine print on your license agreement for the specifics.

Of course, once all Windows DCs have been eliminated from the domain, no CALs are required to join the domain. CALs may still be necessary to access services on member servers running Windows.

In my opinion, the only way to be reasonably certain you're in the clear with regards to licensing, is to get a written statement from a Microsoft representative.
Old 02-10-2013, 11:35 PM   #3
Registered: Jul 2004
Location: UAE
Distribution: RedHat
Posts: 93

Original Poster
Rep: Reputation: 15
Thank you sir for the info. I'll try to contact MS rep for a written statement

Jomy Mathew
Old 10-07-2013, 08:25 AM   #4
barun mukhopadhyay
LQ Newbie
Registered: Feb 2013
Posts: 11

Rep: Reputation: Disabled
Samba4 as ADC to Windows 2008 R2 PDC - not able to achieve


I have installed Samba4 on Centos 6.3 following the link :

Here , the Samba4 internal DNS is required .

But I am not able to connect this Samba 4 DC to Windows 2008 R2 ( acting as PDC ) by following the link without doing the Samba4 provision as a DC )

dns_lookup_realm = true
dns_lookup_kdc = true
default_realm = SAMDOM.NET

You should then test to make sure that DNS and kerberos are setup correctly to point at your existing domain controller. Test that it is all working by trying a kinit as a domain administration:

# kinit administrator

I am getting an error :

kinit :cannot resolve KDC in realm "SAMDOM.NET' while getting initial credentials .

Pls help how to resolve this issue .




Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
How to set users to authenticate from windows ADC server mburu Linux - Server 1 03-17-2010 01:11 AM
Can samba 3 act as ADC or not ? marozsas Linux - Networking 1 09-10-2008 01:59 PM
Linux as Windows DC and ADC backup zmunawar Linux - Server 2 09-01-2007 03:12 AM
Linux as Windows DC and ADC backup zmunawar Linux - General 1 08-27-2007 08:09 AM
Soundblaster Live and Logitech Quickcam coexistance tdockray Linux - Hardware 0 12-11-2004 01:49 PM > Forums > Enterprise Linux Forums > Linux - Enterprise

All times are GMT -5. The time now is 02:56 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration