• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 391
  • Last Modified:

Integrating Windows + Linux

Hi all
As the heading suggests I am looking at Integrating Windows and Linux servers. I am looking at setting up two servers, one windows 2000/2003 box and a Linux server of some sort.

Simply put, what I want to achieve is having windows clients authenticating to the Linux server but having gpo's implemented by the windows server. Infect, I will be having a windows front end and a Linux back end. Now, I know you can use samba to make windows users log onto a Linux server, but that doesn’t help with implementing GPO's.

As far as I can see, this is the set up that large corporations have when they have windows clients and a UNIX servers. The windows clients are authenticating to the UNIX box and the GPO and other windows specific components managed by a windows server.

So what i am after is if someone can tell me how this can be done, what software you need and any further documentation/web pages that detail how to carry out this process.

Thanks in advance
  • 3
  • 2
2 Solutions
I support a mixed windows and linux network - 4 linux servers and 3 Windows servers. Because Windows is such a ubiquitous operating system, linux support for it is actualy quite good considering that Microsoft is not always forthcoming with protocols used. Here is an overview:

Samba - (www.samba.org) This is bundled withmost linux OS. It is for authenticating systems on the network, and also provided file sharing capabilities. To simplify configuration of this, have a look at the web based  SWAT client, or webmin:


As for GPO facilities, it depends on the system that  you are implementing, or wish to implement, as there are numberous linux based solutions for the various componets required:


..and more. The above come with most distributions.

If you want a commercial solution, Lotus notes is available for linux.


The only applications that I still have running on windows systems are 'legacy' applications. Accounts and specialist engineering solutions.

Don't forget the importance of backups, internal web servers etc which can all happily be run on your linux systems as well.

As a big *top tip*. If you need Terminal Services to run legacy applications, using Win 2000 server is vastly cheaper than 2003, because Windows 2000, and XP systems have a licence built in enabling them to connect to a Win 2000 server without an addition TS CAL. Win 2003 requires a CAL for all systems ....and at approx $120 per CAL, it can make a significant cost difference.

First of all, you have to use samba 3.0 or higher on your linux box. To use your GPOs make samba part of your windows network by joining the domain (see www.samba.org on how to do that) All you have to do is configure your smb.conf - File with the name of your domain and set security to server or domain (i am not quite sure, so have a look at the documentation) This makes the samba - server authenticating every user on the windows - box. Within this configuration all domain - related stuff will be performed on the user, as long as it is part of the windows config. The samba server will just do the other stuff like file sharing and so on...

some usefull commands and configs in your smb.conf:
         Workgroup=XYZ            Name of your workgroup or your domain
      security = domain         authenticate on a windows - server
      password server = *      query any host on the network to get the primary domain controller of your win - network
      encrypt password = Yes      You have to set this, to make your network more secure (reqiured by win2k and above)

To join your domain type
net rpc join -U administrator%password

vdhantAuthor Commented:
Sorry for the late response guys and thanks very much

What you have suggested is kind of what i was after, by doing the above i can do most of the stuff with GPOs and logins. There was a few other things that i was hopping to do as well.

For example the type of integration I was hoping to have was down to the level that i could use a  distribution server like sms, and getting its list of users and computers from the Linux server and then being able to distribute it from the windows server. I was also hoping to get use these list for other windows based applications

Also i don't know heaps about Linux network setups (in terms of replication) but i thought that I might have a windows network setup, with a domain, site, ou and local computer structure. With the main Linux server going to two site servers (one in Brisbane and one in Sydney, maybe windows servers). Or something like that.

The above isn't my sinareo but i was hoping for something that would address these issues, partially the part about the windows services being able to get a list of users and computers from the Linux server

Thanks a lot
Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

The bit by sumpi relating to samba 3.0 and it's configuration makes the Linux server act as the point of authentication for windows systems on the network.

As for a distribution server, most of the features that you are after can be implemented using samba. The best way to approach this is (or indeed any problem) is to ask if you are really adsressing the problem that you need to solve. If it is a real problem with a windows solution, then there is normally a linux alternative that'll save you a fortune in licence fees:)

However...from your response, it looks as if you are trying to do something fairly big here:)...so......lets give you a few more pointers:

1.     Samba has the ability to provide file/printer sharing and authentication to windows, (or indeed linux systems), and can integrate into the windows domain framework.

2.     As you are planning on having geographically seperate networks/systems that you wish to authenticate against a central server, I'm going to suggest that you have a look at LDAP:


Most mainstream Linux distributions come with it.

3.    Linus supports a functionality called PAM (Pluggable Authentication Modules), and this enables remote authentication in a more robust manner. You would just use the LDAP PAM module to authenticate samba(your domain accesses and logins) against the centrally maintained LDAP server database. This is effectively a little how Active directory works.

I guess you'll need to have a look through the above and do a little bit of reading now in order to crystalise in your own mind exactly how you wish to go about this. It is not trivial, but if you can cope with it, you'll save a fortune in licence fees!
vdhantAuthor Commented:
Cool sounds good and is getting towards what i am after.

But one question still remains is there any way of windows services (on a windows server) being able to get a list of users and computers from the Linux server/samba.

thanks ant
vdhantAuthor Commented:
Does anyone have any idear
thanks ant
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now