Linux as primary domain controller

Hi experts
I want to use Linux as a primary domain controller for some 25 Windows 7 laptops/desktops.

Did anyone implement such a system?
How stable/reliable is it?

What was the process to set it up?

Thanks
  1. Research SAMBA: http://www.samba.org/

    http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/samba-pdc.html

    Just keep in mind that SAMBA can not act as an Active Directory Domain Controller, only as an NT4 style Domain Controller.
  2. Thanks for quick reply.

    You pointed to my real concern:

    I want to replace Windows Server with a Linux box that replaces it as:

    -- Domain controller
    -- User/Group manager with user profiles stored on linux box
    -- single sign-on.

    What does Active Directory do exactly?


    Thanks.
  3. Samba4 can act as an Active Directory server.
  4. Thanks.

    So theoretically, by using a Linux distro with Samba4 I should be able to do all that a Windows server can do (i.e. PDC, AD).

    In practice, how good is it? What distro does that the best?

    Please give me some personal experience on the matter.

    Thanks.
  5. skittle said:
    samba4 can act as active directory server


    Yes, but just how stable has it become? It seems to be in a perpetual beta for years now.

    Edit: I see that it's gone RC1 but with a warning not to deploy into production environments as yet.
  6. You don't mention it, but can it be presumed that your workstations are running Windows 7 Pro?
  7. Stop

    Ask yourself a few questions.

    Is this for a production environment or only a test / lab environment?

    Is there a budget assigned to this project?

    Does this system generate revenue or otherwise act as a critical component whose breaking would result in negative financial consequences?


    Active Directory is a few things at once, primarily DNS and LDAP tightly integrated. SAMBA can only provide for the AD PDC emulator login tickets; it cannot provide for the DNS resource queries to the LDAP nor the LDAP service itself. The authorization only services shared resources, not client-to-client authentication and security roles.

    My personal suggestion is if you're just learning then sure, play with Samba and NT clients, it'll be fun. If this is for a business or production environment then just use a real NT server, it'll be more stable and a TON less headaches. The LDAP and DNS environment is tightly integrated and unless you're an expert in ADC you won't be able to replicate those connections and objects inside an open source environment. You can use a Linux server to do lots of things: file services, backup services, web services, application hosting, network security device and so on. The one thing it's really not good for is acting as an AD authentication system for NT clients.

    On a side note, you might not even need an AD server. Would RADIUS serve your needs?
  8. Thanks.

    Would a RADIUS user log in to their own laptop or other PC?
  9. Honestly I've never used it for local authentication though I know it can work for shared resources.