Linux Server as a PDC Documentation

**Anonymous** · 11-26-2002

We have 4 Win2K servers and 5 win2K client machines. Could someone suggested a good book or online-doc that will help me set up a Linux box as our PDC? I'm fairly new to Linux.
I want to migrate as many machines as possible to Linux and I thought the PDC would be a good start.

Any suggestions would be grealty appreciated!

TIA!

BD

**slacker** · 11-26-2002

Here's a few. I'm going to attempt this project soon, but I'm waiting for the next release of Samba, which can emulate (I know that's not the right word) active directory services.

http://www.linux-mag.com/2002-02/samba_01.html
http://www.freeos.com/articles/3842/http://www.skippy.net/linux/smb-howto.html
http://us6.samba.org/samba/ftp/docs/...BDC-HOWTO.html
http://www.mandrakeuser.org/docs/connect/csamba6.html
http://networking.earthweb.com/netos...151091,00.html
http://www-1.ibm.com/servers/esdd/tutorials/samba.html
http://www-106.ibm.com/developerwork...samba-tng.html

**wassy121** · 11-29-2002

samba can do some of this, but for a real PDC for a domain, not just a workgroup you need muuuuuch more crap. When windows switched from local login to a network-based token handling security paradigm they stole a lot of stuff from LDAP and Kerberos. If you can reverse engineer their LDAP/Kerberos implimentation (not as super-hard as it sounds). People have done it, but I think they are legally not allowed to say how or something? I don't know. I have tried it. Tough enough for me to not start to reverse engineer it. I thought I could get away with changing windows to talk like linux, I was wrong, I need to change linux to talk like windows, and that is only after I find out how windows talks. In general.

**Anonymous** · 11-29-2002

First off, thank you Slacker for the slew of Info. Very detailed and I like it that way.

Wassy, to give you an idea of what I'm working on: I have 5 servers running NT. I want to gradually move to linux on 3, possibly 4 servers. I thought the best start would be to convert my PDC to a Linux box.
What pros and cons do you see? Thanks for your input and excellent help in the past.

BD

**wassy121** · 11-30-2002

actually, if it is at all possible, it is probably better to convert ALL of them at once, if you want to do full authentication (user logins) via a PDC. You can do this in linux with OpenLDAP (and kerberos, but I haven't set that up yet). This is relatively painless to set up with RedHat. They have it so you can define your own LDAP server to authenticate with, and after some minor tweaking of /etc/ldap.conf, /etc/openldap/ldap.conf and /etc/nsswitch.conf it is on it's way. Of course in LFS it took days of fiddling with

**Dolda2000** · 11-30-2002

Doesn't windows have support for LDAP authentication? I'm pretty sure it has kerberos support, anyways. In that case the wisest would probably be to not have a SMB PDC, and you could still convert servers gradually.

**wassy121** · 12-01-2002

LDAP authentication off of proprietary windows-only ldap servers. Like I said, you have to hack the crap out of OpenLDAP/Kerberos to get it working.

Thread Tools

Display

Linux Server as a PDC Documentation

Posting Permissions