LaurelRaven 12-30-2010 11:12 AM

Linux Domain Controller on a current Windows Server Domain
I know similar questions have been asked, but the most recent example I can find was from 2005, so here's hoping that this has changed at some point in the last five or so years.

I'm working for a smallish non-profit that has gone through some recent growing pains. We have two sites that are currently without a domain controller, and no money for MS licenses, so I was thinking of trying to add a couple of additional Linux machines (we already run Linux for web services internally, and I've set up a test case previously to see if I could get a server to join the domain, which was a success) and was trying to find out if I can get them to act as Domain Controllers without replacing the domain.

The main issue that I'm having at those locations is drive mappings are not happening correctly against our DFS file servers. The one other location that had this issue had it go away when we added a local DC.

The domain is a Server 2008 domain.

If anyone knows anything about how to do this, or if it is even possible, that would be great. If the answer is a simple "it can't be done yet", then we'll have to live with that for now. Anyway, any reply is appreciated in this...thanks!

ComputerErik 12-31-2010 08:11 AM

I don't think you will be able to get this working as you describe. As far as I know the only way to have a Windows style domain controller running on Linux is using Samba, and that only does NT style domains, not AD. If you have a Server 2008 style domain that is AD, so there will be compatibility issues. Joining a server or workstation to an AD domain as a member is fine, but trying to make it a DC will be a problem.

You say this is for a non-profit, is it a registered organization with all relevant paperwork? If so have you ever checked into the special licensing programs MS has for non-profit organizations? This might help afford new servers and licenses. If you are already running an MS domain with multiple sites keeping it MS might be the best option. Even if you could get a Linux option working it would not support all of the same functionality as a MS domain controller, such as Group Policy and DFS. So depending on what features you want/need to use and currently use a Linux domain might not be the best solution. However if you can get by with just some more basic centralized authentication replacing everything with a Samba AD solution might work for you.

LaurelRaven 01-01-2011 12:20 AM

I was afraid of that.

Yes, we do get non-profit licensing from Microsoft, just that we are, non-profiting at the moment. As in, not enough even for more non-profit licenses. Fortunately, we found that we have more licenses than we thought, and even a couple unused at the moment, which will solve our issue.

I wasn't trying to get us switched over to Linux...that would have been far too time consuming and costly for us at this time, especially after the investments we have in our functioning was just the sites that were having trouble with operating without a local DC that I was hoping to possibly resolve with a temporary stop-gap measure. Also, I was interested in seeing if it would work on a personal level.

Anyway, thanks for your reply.

sanchetanparmar 02-02-2012 07:43 AM

