Aha! So do I understand this correctly: Although the documentation
that " joining Samba 4 to your Active Directory domain as a member
will currently not work", the actual process of joining the domain
with samba4 as another DC actually DOES work, but will break if you
use any of the samba tools to actually manager users, but I'll be fine
as long as all changes in the directory happen exclusively through the
replication with the existing domain? That would be okay ... in fact
that's how I was planning to do it anyways :)
What is mentionned is that using samba as a "member server" does not
work. A "member server" is actually a regular client with the privilege
of forwarding authentication for certain applications. That's how
OpenChange should actually be used and that's what we never managed to
make work yet.
I'd love to set up samba4 as read-only domain controller - something
that samba claims to partially support, but the last documentation
update seems to be from 2010, and I'm not quite sure how usable that
feature has become by now. One document says "it's in its very
infancy", but another document lists all except one "to do" item as
"finished". Not quite sure what to make of that. Has anybody here ever
tried it?
Ah, yet another thing. "read-only" domain controller does not work yet.
Wolfgang
--
[email protected]
https://inverse.ca/sogo/lists
