[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Replace Active Directory with OpenLDAP and Others

On Tue, 2009-08-25 at 11:46 +0200, Serge Fonville wrote:
> Hi,
> I was wondering if there is an uptodate guide/tutorial/howto to
> replace Active Directory.
> I found http://www.bayour.com/LDAPv3-HOWTO.html but that was last
> updated in 2005.
> Also I could not find any references to people actually having
> replaced Active Directory.
> In my head it should be possible, but replacing MS products does not
> always make sense in practice. ;-)
> I have not yet had the time to fully work through the howto. but
> either way I will give it a try (well a couple probably)
There is currently no drop-in replacement for Active directory in open
source world. Samba in conjunction with LDAP gets as close as replacing
NT4.0 domain controller. This is a legacy in MS world and has it's
disadvantages over Active directory.
I recommend reading the following SAMBA docs 

rule is that if you are implementing directory service from scratch -
you can go SAMBA/LDAP way. replacing Active directory is not recommended
- you will lose a lot of functionality.

SAMBA 4 which is in development (alpha stage) aims to offer Active
directory services - with built in ldap and kerberos services. I believe
that many (including me) knowing the limitations of NT4 domain control
are waiting impatiently for samba 4 stable release - at the moment I
can't guess when.

Attachment: signature.asc
Description: This is a digitally signed message part