Can i add my linux box to be one of the Windows 2003 server domian members, in other words can the authentication process of the linux client done by the windows 2003 ent. server.

i use RHEL 3.0 WS as my distro.

and another question the right opposite....

can i make all the windows client to be authenticated by my redhat linux server.

So, pls help me out...

Bye for now...

I know that you can have windows client to authenticate to your linux system, running a samba server on your RH box. All the process will be transparent to the client. This is slightly different from ADS but it will works the same.

About the opposite... I really dont know, but I would believe that you can't. I really doubt Micro$oft made a way for any system other than M$ systems to authenticate to ADS. But i'm not quite sure, maybe some hackers already reverse engineered the authentication process. My best guess would be to first take a look at Samba website... In worst case I _think_ you can setup LDAP on a Windoze box, you could use that to authenticate Unix client (this is just a guess).

Using Samba's "winbind" and kerberos, a linux client can be configured to join and authenticate against a Microsoft AD controller. I do it here. See: Samba ADS Domain Membership

Greetings
I am also trying to get a RH9 Samba server to authenticate to a Win 2003 AD. Any help would be much appreciated...perhaps if scowles reposts his link with an actual link?

Oops! Sorry about that. I have updated the link

Note, does not work in 2003 AD native mode (at least not for me...).

Interesting! Thanks for pointing this out. When I checked the properties of my 2003 AD controller, it says its set to 2000 native mode. Which works fine with linux winbind/kerberos (at least at this end).

I might have to find some time to setup an AD controller in the lab and try raising the functional level to 2003 and see if I can't get linux winbind/kerberos and AD to play together.

If you do, I'd be very interested in the results. I have Linux and Mac boxen that won't play nice with all my Windows equipment. Sure would be nice to get them to talk to Active Directory.

I don't know if the protocols themselves changed much in 2003 native mode, but I do seem to remember that the ports changed (old NetBIOS ports have been abandoned). I would expect that a lot of the gaping security holes in the "NetBIOS" support have been patched and not just moved to a new port? :-)

Just thought i'd pip in to say Kerby auth works fine on my SuSE 9.2 test box with our 2003 native mode setup. With pur current fileserver running out of space i am contemplating running a Samba 3 Winbind/Kerb setup on an additional box - perhaps even taking the current 2003 based server down and putting it on there also (Does no AD stuff anyways) as the virtual filing system would make future drive expansion easier.

Does anyone know of any perils with running Winbind? I seem to hear one fellow having his SIDs go out of sync between samba and windows, which sounds rather serious!

How about Quotas, is that easy enough to setup? Because i've read of some place that is basically selling these linux boxes with a terabyte of storage rather cheaply, but they lack quota control & don't intend to bring anything out to address that so far.