Re: OpenLDAP as Active Directory replacement - is it possible?

["Mark Hendricks" <Mark.Hendricks@humboldt.edu>]

I have spent quite a bit of time trying to make Kerberos/LDAP authenticate
and authorize Windows clients (as well as Mac OS X and other UNIX variants).

This is what I have found. I would ask to be corrected.

1.  a. Samba can not be "kerberized" so that is can support authentication
other than by using the ADS plugin and joining it to an active directory.
    b. Pgina can be used to authenticate windows boxes against LDAP.  It
works, but it does not support kerberos and AD like functionality is lost.

2.  LDAP Entries can be used to populate an AD server, The user account, AD
server, and Windows client can then be told about the AD server and the KDC.

Mark Hendricks
Humboldt State University
mdh3@humboldt.edu


----- Original Message ----- 
From: "Tomasz Chmielewski" <mangoo@interia.pl>
To: <OpenLDAP-software@OpenLDAP.org>
Sent: Tuesday, September 21, 2004 3:57 AM
Subject: OpenLDAP as Active Directory replacement - is it possible?


> Hello,
>
> I've been trying to figure out if it's possible to replace Active
> Directory with OpenLDAP (+ Samba, Kerberos, DNS etc.) on Linux - but
> from what I've found I'm not sure.
>
> Is it possible, or partially possible (I don't need every feature of AD)?
> What additional software (besides OpenLDAP) will I need?
>
> What functionality will I loose?
>
> Where can I find any HOWTOS/documents on this? I spent an hour googling
> but found nothing promising so far.
>
>
> Tomek
>
> ----------------------------------------------------------------------
> Startuj z INTERIA.PL... >>> http://link.interia.pl/f1834
>