Linux – Differences between Active Directory Server and PDC

active-directory, linux, samba, server-message-block

The Samba documentation states quite clearly that it is only capable of functioning as an NT4-style Primary Domain Controller and cannot function as an Active Directory server. I manage a group of mixed systems (Windows XP workstations and Linux servers of various flavors), and am looking to centralize authentication of various server applications as well as the client workstations. I am considering setting up a Samba server, but I can't find a feature breakdown between what would be offered by a PDC and an ADS to aid me in deciding if a Samba server would satisfy my goals. Does anyone know where I could find such a feature comparison?

Edit: The workstations are not currently on a domain. Whatever Active Directory/Samba configuration I introduce will be our group's initial foray into centralized authentication. This means setting up a Windows Server domain controller is a feasible option, but I'd prefer to do it with Samba as I am more Linux savvy.

Best Answer

I'm not sure where to find such a point-by-point comparison. I've done a quick search and I'm not coming up with much. There is some comparison in the official Samba HOWTO at: http://us1.samba.org/samba/docs/man/Samba-HOWTO-Collection/samba-pdc.html

Here's some of such a comparison based on what I know:

  • With a Samba "PDC", you get a centralized account / group database for your member computers, as you would with an Active Directory domain.

  • You can use the NT 4.0 "User Manager for Domains" tool to manage Samba PDC users. Active Directory can be managed with the (IMHO, cleaner and easier to use) "Active Directory Users and Computers" tool.

  • You can replicate the Samba PDC's security database in a single-master fashion or multi-master fashion between multiple domain controller computers (depending on the back-end you choose to store the password data in). Active Directory is multi-master.

  • A Samba PDC will perform NTLM-based authentication. Active Directory can also perform NTLMv2 and Kerberos-based authentication.

  • A Samba PDC cannot provide Group Policy functionality like an Active Directory domain controller computer can.

Functionally, Samba acts as an NT 4.0 "PDC", so you can use comparison documents between the Windows NT 4.0 domain system and Active Directory to give you some additional ideas.

Samba 4.0, which is still under development, is supposed to fulfill the Active Directory domain controller function. An experimental branch of the Samba code, called Franky, also seeks to implement Active Directory domain controller functionality (see http://wiki.samba.org/index.php/Franky).