[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: RFT0001 : Request For Thoughts

"Christopher Barry" <christopher.barry@qlogic.com> writes:

> Hi everyone,

> The Parts Bin:
> There's a bunch of parts around, and they all kind of fit together, but
> to my current understanding anyway, seem to create a few different
> incomplete solutions, such as:
> * Samba/Winbind/Kerberos (possibly backed by OpenLDAP)

No, this is not possible, ask on a samba list for reasons.

> * OpenLDAP/Kerberos with trusts to AD

yes, this can be done, 

> * AD using 2003R2 and possibly custom schema modifications if
>   required.

this could be done
> My question really is what are others doing to solve this type of
> problem? Architecturally, what is the best approach given the above
> desired outcome?

 If you administer a homogenous windows network, keep AD as primary
 domain controller (just KDC) and configure samba as backup
If you administer a heterogenous network, get, in addition to  the
above mentioned design, OpenLDAP plus heimdal kerberos to administer
Unix hosts and users and create a trust relation to AD.


Dieter Klünter | Systemberatung