open source LDAP + Windows clients

VinylxScratches

Golden Member
Feb 2, 2009
1,666
0
0
I know AD is probably the best solution but I would like to keep costs down. Basically, all I need the LDAP for is for centralized accounts and basic file permissions on either Windows 2008 or *nix file servers. What would be the best solution to look into?
 

Red Squirrel

No Lifer
May 24, 2003
69,072
12,926
126
www.anyf.ca
You can use Samba but you have to rejoin all the PCs back to the domain if you upgrade sometimes. This can really suck in a big environment as everybody loses their profiles and stuff. You can try to force it to use the old profile, but it often acts very flaky.

Really I wish Linux would come up with a better solution to AD. Imagine something that is MySQL-based that can be queried and stuff. It would be totally awesome.
 

VinylxScratches

I don't have Windows Server 2008, well I do, but it's from school. I'm trying to design an infrastructure for myself using open source solutions and do a side by side comparison.
 

theevilsharpie

Platinum Member
Nov 2, 2009
2,322
14
81
If you just want an open source LDAP server, give 389 Directory Server (aka Fedora Directory Server) a try.

If you want to build an open-source equivalent to AD, well, good luck with that. Samba4 might come close, but by the time it's actually released, it'll be as out-of-date as Samba is today.
 

VinylxScratches

The Fedora solution looks promising but I'm confused. Is there no difference between a Fedora client and a Fedora server? I don't see any choices.
 

Nothinman

Elite Member
Sep 14, 2001
30,672
0
0
> You can use Samba but you have to rejoin all the PCs back to the domain if you upgrade sometimes. This can really suck in a big environment as everybody loses their profiles and stuff. You can try to force it to use the old profile, but it often acts very flaky.
>
> Really I wish Linux would come up with a better solution to AD. Imagine something that is MySQL-based that can be queried and stuff. It would be totally awesome.

OpenLDAP is going to be a hundred times better than MySQL for this, since that's what it was designed for, and it's queryable too.

> So there isn't a good solution for this to be equivalent to AD?

Nope. You can build your own with LDAP and Kerberos, but it's going to be a lot of work on your end. And if you already own a Windows Server license you have AD available at no extra cost.