Hi Shawn,

Active Directory is the name of Microsoft's KDC/LDAP server. So there's
no such thing as "Active Directory server on linux". You could setup a
KDC (MIT, Heimdal, etc) or an LDAP server (OpenLDAP, Fedora Directory
Server) on your Linux machine but even if you managed to get them
to work together well, you still wouldn't have anything like "Active
Directory". The closest thing to AD on linux would be Samba4 but that's
not quite ready for production environments.

Also, unless you have a specific question about Kerberos I think responses
here will be limited [1].

Mike

[1] I pleased to see that this list is very tolerant of posts about
"Active Directory". Apparently the OpenLDAP-software list automatically
censors any post containing the term (e.g. my sig).

On Wed, 9 Aug 2006 09:46:47 -0700 (PDT)
Shawn Wilson wrote:

> I am interested in getting an Active Directory server setup on a linux (Ubuntu)
> server. I currently just have a samba file server, ntp, and dns setup on this
> server. I don't have any Windows 2k/XP servers here.
>
> I have found many howtos and other docs on kerberos, ldap, and samba. However
> my question is where to start. In theory, what I was looking for was a cookie
> cutter solution to getting an Active Directory server setup on Unix. However
> aside from that, I was wondering where I should start.
>
> One more point of woe for me is that I don't have a FQDN. I was advised that I
> could just make one on my dns and setup dhcp to make sure those hosts used my
> dns and be fine with that. I was wondering if this is possible?
>
> Also, though I have googled and have a bit more than a half dozen pages along
> this topic bookmarked, any resources that anyone could recommend would be
> appreciated.
>
>
>
> thanx
> darkhaven (aka - shawn wilson / ag4ve)
>
> __________________________________________________
> Do You Yahoo!?
> Tired of spam? Yahoo! Mail has the best spam protection around
> http://mail.yahoo.com
> ________________________________________________
> Kerberos mailing list Kerberos@mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos
>


--
Michael B Allen
PHP Active Directory SSO
http://www.ioplex.com/
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos

Michael B Allen writes:

> Hi Shawn,
> Active Directory is the name of Microsoft's KDC/LDAP server. So there's
> no such thing as "Active Directory server on linux". You could setup a
> KDC (MIT, Heimdal, etc) or an LDAP server (OpenLDAP, Fedora Directory
> Server) on your Linux machine but even if you managed to get them
> to work together well, you still wouldn't have anything like "Active
> Directory". The closest thing to AD on linux would be Samba4 but that's
> not quite ready for production environments.

I think you are forgetting XAD, from PADL, which was a complete AD
replacement that could be run on Linux.

--Quanah


--
Quanah Gibson-Mount
Principal Software Developer
ITS/Shared Application Services
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html

Michael,

I suggest you take a look at XAD (www.padl.com). This is a product that
runs on Linux, and looks like an Active Directory domain controller.

Cheers,
Tim

-----Original Message-----
From: kerberos-bounces@mit.edu [mailto:kerberos-bounces@mit.edu] On
Behalf Of Michael B Allen
Sent: 09 August 2006 20:33
To: Shawn Wilson
Cc: kerberos@mit.edu
Subject: Re: unix active directory

Hi Shawn,

Active Directory is the name of Microsoft's KDC/LDAP server. So there's
no such thing as "Active Directory server on linux". You could setup a
KDC (MIT, Heimdal, etc) or an LDAP server (OpenLDAP, Fedora Directory
Server) on your Linux machine but even if you managed to get them
to work together well, you still wouldn't have anything like "Active
Directory". The closest thing to AD on linux would be Samba4 but that's
not quite ready for production environments.

Also, unless you have a specific question about Kerberos I think
responses
here will be limited [1].

Mike

[1] I pleased to see that this list is very tolerant of posts about
"Active Directory". Apparently the OpenLDAP-software list automatically
censors any post containing the term (e.g. my sig).

On Wed, 9 Aug 2006 09:46:47 -0700 (PDT)
Shawn Wilson wrote:

> I am interested in getting an Active Directory server setup on a linux
(Ubuntu)
> server. I currently just have a samba file server, ntp, and dns setup
on this
> server. I don't have any Windows 2k/XP servers here.
>
> I have found many howtos and other docs on kerberos, ldap, and samba.
However
> my question is where to start. In theory, what I was looking for was a
cookie
> cutter solution to getting an Active Directory server setup on Unix.
However
> aside from that, I was wondering where I should start.
>
> One more point of woe for me is that I don't have a FQDN. I was
advised that I
> could just make one on my dns and setup dhcp to make sure those hosts
used my
> dns and be fine with that. I was wondering if this is possible?
>
> Also, though I have googled and have a bit more than a half dozen
pages along
> this topic bookmarked, any resources that anyone could recommend would
be
> appreciated.
>
>
>
> thanx
> darkhaven (aka - shawn wilson / ag4ve)
>
> __________________________________________________
> Do You Yahoo!?
> Tired of spam? Yahoo! Mail has the best spam protection around
> http://mail.yahoo.com
> ________________________________________________
> Kerberos mailing list Kerberos@mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos
>


--

Michael B Allen
PHP Active Directory SSO
http://www.ioplex.com/
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos

________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos

I was going to make the identical suggestion, however, when I
went looking on the PADL website, mention of XAD was nowhere to
be found. A search of the site turns up references to XAD,
however, they either lead to 404s or to redirects to the main
product page.

Perhaps XAD is being shelved?

-- Tom

Thomas A. La Porte, DreamWorks Animation


On Wed, 9 Aug 2006, Tim Alsop wrote:

> Michael,
>
> I suggest you take a look at XAD (www.padl.com). This is a product that
> runs on Linux, and looks like an Active Directory domain controller.
>
> Cheers,
> Tim
>
> -----Original Message-----
> From: kerberos-bounces@mit.edu [mailto:kerberos-bounces@mit.edu] On
> Behalf Of Michael B Allen
> Sent: 09 August 2006 20:33
> To: Shawn Wilson
> Cc: kerberos@mit.edu
> Subject: Re: unix active directory
>
> Hi Shawn,
>
> Active Directory is the name of Microsoft's KDC/LDAP server. So there's
> no such thing as "Active Directory server on linux". You could setup a
> KDC (MIT, Heimdal, etc) or an LDAP server (OpenLDAP, Fedora Directory
> Server) on your Linux machine but even if you managed to get them
> to work together well, you still wouldn't have anything like "Active
> Directory". The closest thing to AD on linux would be Samba4 but that's
> not quite ready for production environments.
>
> Also, unless you have a specific question about Kerberos I think
> responses
> here will be limited [1].
>
> Mike
>
> [1] I pleased to see that this list is very tolerant of posts about
> "Active Directory". Apparently the OpenLDAP-software list automatically
> censors any post containing the term (e.g. my sig).
>
> On Wed, 9 Aug 2006 09:46:47 -0700 (PDT)
> Shawn Wilson wrote:
>
>> I am interested in getting an Active Directory server setup on a linux
> (Ubuntu)
>> server. I currently just have a samba file server, ntp, and dns setup
> on this
>> server. I don't have any Windows 2k/XP servers here.
>>
>> I have found many howtos and other docs on kerberos, ldap, and samba.
> However
>> my question is where to start. In theory, what I was looking for was a
> cookie
>> cutter solution to getting an Active Directory server setup on Unix.
> However
>> aside from that, I was wondering where I should start.
>>
>> One more point of woe for me is that I don't have a FQDN. I was
> advised that I
>> could just make one on my dns and setup dhcp to make sure those hosts
> used my
>> dns and be fine with that. I was wondering if this is possible?
>>
>> Also, though I have googled and have a bit more than a half dozen
> pages along
>> this topic bookmarked, any resources that anyone could recommend would
> be
>> appreciated.
>>
>>
>>
>> thanx
>> darkhaven (aka - shawn wilson / ag4ve)
>>
>> __________________________________________________
>> Do You Yahoo!?
>> Tired of spam? Yahoo! Mail has the best spam protection around
>> http://mail.yahoo.com
>> ________________________________________________
>> Kerberos mailing list Kerberos@mit.edu
>> https://mailman.mit.edu/mailman/listinfo/kerberos
>>
>
>
>
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos

"Tim Alsop" writes:

> Michael,
> I suggest you take a look at XAD (www.padl.com). This is a product that
> runs on Linux, and looks like an Active Directory domain controller.

PADL pulled XAD from its website for reasons not yet announced. Maybe
Luke Howard will want to comment (or maybe not. ).

--Quanah


--
Quanah Gibson-Mount
Principal Software Developer
ITS/Shared Application Services
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html