| View previous topic :: View next topic |
| Author |
Message |
smdg
n00b
Joined: 07 Jul 2004
Posts: 11
|
 Posted: Fri Jun 16, 2006 5:32 pm Post subject: ads alternative |
 |
|
Hello
I've got a test/home network with a small server, currently running a trial version of win server 2003, a few win xp clients and two clients running gentoo.
I'm interested in moving from win server 2003 to a linux box. It's primarily thought to be a file server (samba) - i'll also run a dhcp and a dns server on it.
My problem: I'm looking for an active directory alternative, that allows to administrate user accounts (win/lin) on the server (it should also be possible to save/administrate desktop user's settings (win/lin) on the server) and to share software e.g. service packs, office software, etc. for windows but also for linux.
So I'm basically looking for an alternative to GPOs and RIS.
It seems to be a lot of work and I'm not really sure that I'll be able to set up that linux box. However I would like to learn more about linux and I'd be pleased to receive some basic information on how to start my project.
Sebastian
P.S.: Since I'm German I hope you'll understand everything. |
|
| Back to top |
|
 |
cyblord
Guru
Joined: 22 May 2006
Posts: 424
|
|
| Back to top |
|
|
runningwithscissors
Guru
Joined: 21 Apr 2006
Posts: 454
Location: the third world
|
| Posted: Sat Jun 17, 2006 8:00 am Post subject: |
|
|
OpenLDAP is a capable replacement for Active Directory.
Try it out.
I have never needed to set one up myself, but it isn't too difficult. Getting it to co-operate with windows boxes may be.
Simple file serving, dns and dhcp services are quite easy to set up. |
|
| Back to top |
|
|
think4urs11
Bodhisattva
Joined: 25 Jun 2003
Posts: 6659
Location: above the cloud
|
| Posted: Sat Jun 17, 2006 11:24 am Post subject: |
|
|
a full AD replacement isn't too easy to implement.
But with combining some tools you can build up an 'nearly functional equal' solution so to say.
Openldap for the ldap stuff.
bind/dhcpd for the nameserver part with automatic registering of clients etc.
Samba and using some scripts to do something like GPOs can do
RIS is (from my point and very 'basic') something like an rsync portage/binpackages mirror
might also be a good idea to have a look at GEMS  http://www.gamehound.net/gems/
_________________
Nothing is secure / Security is always a trade-off with usability / Do not assume anything / Trust no-one, nothing / Paranoia is your friend / Think for yourself |
|
| Back to top |
|
|
asiobob
Veteran
Joined: 29 Oct 2003
Posts: 1375
Location: Bamboo Creek
|
| Posted: Sun Jun 18, 2006 8:46 am Post subject: |
|
|
If you put your users and workstations on a Domain whose server is Samba/Linux it will not be an "active directory" domain so to speak. Basically a lot of GPO do not work (they will when Samba4 comes out). Untill then you might want to look at www.nitrobit.com which is a program you install on clients (windows workstations) and it saves the policies to the samba server and grabs them and applies them much like windows does.
The policy interface is via MMC snap and the UI is pretty much the same as the windows one. The policies ARE the same.
Optionally if you have an LDAP server some of the nitrobit policies can be stored there, so most nitrobirt is happy storing in a normal file them
Unfortunately nitrobit is not open source, and is not "free" in beer terms. |
|
| Back to top |
|
|
|
Networking & Security
