Hi,
I was wondering if there is an uptodate guide/tutorial/howto to replace Active Directory. I found http://www.bayour.com/LDAPv3-HOWTO.html but that was last updated in 2005.
Also I could not find any references to people actually having replaced Active Directory. In my head it should be possible, but replacing MS products does not always make sense in practice. ;-)
I have not yet had the time to fully work through the howto. but either way I will give it a try (well a couple probably)
Has anyone have any experience or advice with this?
Thanks in advance
Regards,
Serge Fonville
Serge Fonville wrote:
Hi,
I was wondering if there is an uptodate guide/tutorial/howto to replace Active Directory. I found http://www.bayour.com/LDAPv3-HOWTO.html but that was last updated in 2005.
Also I could not find any references to people actually having replaced Active Directory. In my head it should be possible, but replacing MS products does not always make sense in practice. ;-)
I have not yet had the time to fully work through the howto. but either way I will give it a try (well a couple probably)
Has anyone have any experience or advice with this?
To get a drop-in replacement for AD you probably should ask in a Samba forum; AD does a lot more than just LDAP service and you need Samba to bring all the pieces together. If you only need directory service, then we can talk about it more here. But when migrating off MS, you typically need more than just LDAP to work...
On Tue, 2009-08-25 at 11:46 +0200, Serge Fonville wrote:
Hi,
I was wondering if there is an uptodate guide/tutorial/howto to replace Active Directory. I found http://www.bayour.com/LDAPv3-HOWTO.html but that was last updated in 2005.
Also I could not find any references to people actually having replaced Active Directory. In my head it should be possible, but replacing MS products does not always make sense in practice. ;-)
I have not yet had the time to fully work through the howto. but either way I will give it a try (well a couple probably)
There is currently no drop-in replacement for Active directory in open source world. Samba in conjunction with LDAP gets as close as replacing NT4.0 domain controller. This is a legacy in MS world and has it's disadvantages over Active directory. I recommend reading the following SAMBA docs http://us3.samba.org/samba/docs/man/Samba-HOWTO-Collection/ http://us3.samba.org/samba/docs/man/Samba-Guide/
rule is that if you are implementing directory service from scratch - you can go SAMBA/LDAP way. replacing Active directory is not recommended - you will lose a lot of functionality.
SAMBA 4 which is in development (alpha stage) aims to offer Active directory services - with built in ldap and kerberos services. I believe that many (including me) knowing the limitations of NT4 domain control are waiting impatiently for samba 4 stable release - at the moment I can't guess when.
openldap-technical@openldap.org
-
Howard Chu -
Martin Simovic -
Serge Fonville