Samba 4 Active Directory PDC - to provide Windows (XP) and Linux (F18) login

From Amahi Wiki
Revision as of 13:11, 23 April 2013 by R0bis





It would be great if a home server such as Amahi could provide an easy setup for a mixed Linux / Windows network at home, without too much hassle (e.g. synchronising account databases, winbind...). Upon the release of Fedora 18 - Spherical Cow, I very much hoped that this would be easy, and intended to convert my home Debian server to Fedora and use it as an AD (Active Directory) PDC (Primary Domain Controller) server. The big gain would be the possibility of setting up a single login for home/small office users to access shared resources (e.g. files or printers), without having to explain to them at length that they in fact have two passwords, why changing the Windows password means changing it on Linux too, how shares are accessed differently on each computer, etc.

After some research I found that a Samba 4 AD PDC out of the box is not quite possible yet, and work would be needed to get such a system working. The main reason is that the Samba team uses a different Kerberos implementation, Heimdal, while Red Hat, and hence Fedora, have for various reasons historically been using MIT Kerberos. Fedora has described very well why it is not offering the possibility of an AD server at this stage. Details: "We are intending to make possible use of AD DC functionality with MIT Kerberos but this is a longer term project that requires cooperation between Samba, MIT, and FreeIPA. Longer term in this case sounds more like over a year or two, especially considering the number of people that may need to be involved."

What I am going to try to do as an interim prototype is to compile Samba 4 with AD PDC from sources on an Amahi-capable server and then use Fedora 18 and XP computers as clients. Once such a set-up is well documented and repeatable, it will be possible to think about how the process can be integrated with Amahi. This page will be updated with the progress, and your comments and suggestions, or messages to me, are very welcome.