On Tue, 2009-08-25 at 11:46 +0200, Serge Fonville wrote:
Hi,
I was wondering if there is an uptodate guide/tutorial/howto to replace Active Directory. I found http://www.bayour.com/LDAPv3-HOWTO.html but that was last updated in 2005.
Also I could not find any references to people actually having replaced Active Directory. In my head it should be possible, but replacing MS products does not always make sense in practice. ;-)
I have not yet had the time to fully work through the howto. but either way I will give it a try (well a couple probably)
There is currently no drop-in replacement for Active directory in open source world. Samba in conjunction with LDAP gets as close as replacing NT4.0 domain controller. This is a legacy in MS world and has it's disadvantages over Active directory. I recommend reading the following SAMBA docs http://us3.samba.org/samba/docs/man/Samba-HOWTO-Collection/ http://us3.samba.org/samba/docs/man/Samba-Guide/
rule is that if you are implementing directory service from scratch - you can go SAMBA/LDAP way. replacing Active directory is not recommended - you will lose a lot of functionality.
SAMBA 4 which is in development (alpha stage) aims to offer Active directory services - with built in ldap and kerberos services. I believe that many (including me) knowing the limitations of NT4 domain control are waiting impatiently for samba 4 stable release - at the moment I can't guess when.