Re: [Samba] Best way to integrate Unix with AD.

On 03/14/17 10:43, Rowland Penny via samba wrote:
On Tue, 14 Mar 2017 14:20:57 +0000
"A. James Lewis" <james@xxxxxxxxxx> wrote:

OK, I stand corrected... I was sure the last time I looked there it
assumed you have a Windows machine to administer the environment....
which I don't, but it seems that this assumption is no longer the

Is this the most sensible approach?... I've heard talk of directory
tools that maintain a meta level directory and present it as either
AD or whatever you need for another environment...

One thing I'm not sure about, is if the RFC2307 schema in AD includes
automounter information, for autofs?...

Not as standard, but the wiki has a page for it:



I am trying to setup Windows 2012R2 as the directory server . this is to migrate from a classic domain with Oracle ldap server backend for samba data, unix accounts, autofs etc. Samba 4 as an AD domain does not fully support trusts, and I don't feel comfortable using Samba as a directory server in a domain or forest that will have exchange servers. And if I am going thru migration pain I might as well just switch to Windows domain servers. I haven't worked with Windows 2016 yet.

If I can get RFC2307bis schema added to the AD schema then that should take care of the major hurdle to implementing autofs support. With linux, autofs configuration is flexible to support the "old" RFC2307 autofs syntax. However, solaris expects the newer RFC2307bis syntax. If you don't have solaris then you can probably manage with the older syntax.

I also have been looking at Centrify's web site- I don't think they provide a meta-directory, but instead they provide linux AD client software. This might make some of the administration and deployment simpler. I don't think it is essential.

