[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: OpenLDAP as Active Directory replacement - is it possible?



On Tue, Sep 21, 2004 at 08:50:42AM -0700, Mark Hendricks wrote:
> I have spent quite a bit of time trying to make Kerberos/LDAP authenticate
> and authorize Windows clients (as well as Mac OS X and other UNIX variants).
> 
> This is what I have found. I would ask to be corrected.
> 
> 1.  a. Samba can not be "kerberized" so that is can support authentication
> other than by using the ADS plugin and joining it to an active directory.
>     b. Pgina can be used to authenticate windows boxes against LDAP.  It
> works, but it does not support kerberos and AD like functionality is lost.
> 
> 2.  LDAP Entries can be used to populate an AD server, The user account, AD
> server, and Windows client can then be told about the AD server and the KDC.
[...]
Helo;
What I would like to propose/see on the main website. 
A fork there of 3rd party sw usages:
This_might assist a great many repeating questions to do with
the above:
Well it is just a thought. Yes, it is not openldap specific but 
does have to do with collaborated usage with openldap:)

Best Regards,
dreamwvr@dreamwvr.com

-- 
/*  Security is a work in progress - dreamwvr                 */
#                               48 69 65 72 6F 70 68 61 6E 74 32
# Note: To begin Journey type man afterboot,man help,man hier[.]      
# 66 6F 72 20 48 69 72 65                              0000 0001
// "Who's Afraid of Schrodinger's Cat?" /var/(.)?mail/me \?  ;-]