Author: Stuart Sears Date: To: lug, Hampshire LUG Discussion List CC: Subject: Re: [Hampshire] Happy Happy Joy Joy
Vic wrote:
> Now the thing to realise about AD - the real salient point - is that it's
> a perversion of LDAP. It's *almost* LDAP, which is a nice, well-defined
> standard. But it isn't LDAP. It's a Microsoft-only protocol Embraced and
> Extended from LDAP, just ready for the Extinguish...
Surely it's really only LDAP + Kerberos + custom LDAP schema?
You can authenticate directly against AD as it stands using only pam_ldap and
pam_krb5 - no samba requirement at all.
Don't get me wrong, I am not a particular fan of AD, but exactly *what* have
they done that makes it an "extended" version of LDAP?
[...] > But Samba4 changes that. Samba4 will allow Linux boxen to be AD domain
> controllers. That means we can get rid of those horrific 2003server and
> SBS boxen, and replace them with friendly Linux installs. Which is nice