Gentoo Archives: gentoo-server

From: "Paul Kölle" <pkoelle@×××××.com>
To: gentoo-server@l.g.o
Subject: Re: [gentoo-server] manging windows
Date: Mon, 20 Feb 2006 12:52:03
Message-Id: 43F9BC6B.8040205@gmail.com
In Reply to: Re: [gentoo-server] manging windows by Robert Larson
Robert Larson wrote:
> I know that I could probably just use samba for this, but my understanding is
> that samba-tng aims to provide authentication mechanisms that are beyond the
> general samba file serving crowd. This excerpt from
> http://www.samba-tng.org/faq.html will support the general idea:
http://www.samba-tng.org/status-0.4.html
-no locking
-no printing
-no password sync

I've never used TNG so I cannot judge about its merits but I note that
lots of the information on their site is simply old/outdated. I've yet
to see a feature TNG supports which samba doesn't.

>
> "Samba-TNG is somewhat more advanced in terms of protocol support, although
> Samba is catching up and may be ahead in some areas. If you want an NT
> domain controller running with an LDAP backend, optionally integrated with
> your LDAP-based Unix user database, you probably want to use Samba-TNG. Samba
> has some experimental support for this, but Samba-TNG has had it working for
> much longer so it is more mature."
I doubt this is still true. There is no "last updated" info on that page.

>> So this is a normal windows domain with a samba PDC?
> Pretty much, although, it may be closer to a workgroup with one share machine
> (file server) performing NTLM based authentication. I tried to keep it
> simple, especially since not all of our clients are domain ready (only those
> utilizing XP home edition to name a few).
Hmm, I'm not trying to discourage you but I would be surprised if the MS
consumer products will talk anything but NTLM (against w2k server,
samba4, whatever) and I'm pretty sure none of the MS clients will do
kerberos outside a domain context (prove me wrong please ;).

One can get pretty far without krb5 though. cyrus-sasl can do NTLM so
you can integrate Outlook with your SMTP/IMAP servers, squid can
authenticate against a samba server, http-auth with NTLM should be
possible (mod_ntlm) all reusing the logon credentials.

cheers
Paul

--
gentoo-server@g.o mailing list
