How to enforce user-bound password policies to a samba domain controller

Posted on 2009-05-14
Medium Priority
Last Modified: 2012-05-07
Hi domain admins,

is it possible (I don't think so) to have a second domain controller running linux and have different password policies for different user groups applied?
You know this is possible with 2008 server and PSOs in a 2008 native mode domain, but can this somehow be used if one domain controller is running samba?
Furthermore: I know that there are third party softwares (like that from specops software) that could enforce several password policies per domain - does anyone know if those would work with a samba DC?
Question by:McKnife
  • 2
LVL 30

Accepted Solution

LauraEHunterMVP earned 1000 total points
ID: 24392232
You cannot join a non-Windows domain controller to an Active Directory domain, full stop. 2003 R2 and 2008 have a number of Unix services built into the OS, but all Active Directory domain controllers need to run the Windows Server operating system.
LVL 58

Author Comment

ID: 24393707
Hi Laura!
Are you sure that the ongoing efforts with samba 4 (still beta) are not changing the situation? I will lookup some info about samba 4 at their site and come back.

Samba 4 is the ambitious next version of the Samba suite that is being
developed in parallel to the stable 3.0 series. The main emphasis in
this branch is support for the Active Directory logon protocols used
by Windows 2000 and above.
LVL 58

Author Comment

ID: 24421392
I was not able to find better info on how far the development of samba 4 has these possibilities. I was driven to ask this questions by others that were sure it is possible, so I think I'm gonna pass it back to them.
Thanks, Laura.

Featured Post

A proven path to a career in data science

At Springboard, we know how to get you a job in data science. With Springboard’s Data Science Career Track, you’ll master data science  with a curriculum built by industry experts. You’ll work on real projects, and get 1-on-1 mentorship from a data scientist.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Scripts are great for performing batch jobs against users, however sometimes the GUI is all you need.
This article explains how to use the rsync command to create backups and sync data across hosts. Rsync is a very useful command that is often used to copy data, make backups, migrate hosts, and bridge the gap between site staging and production envi…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question