Solved

How to enforce user-bound password policies to a samba domain controller

Posted on 2009-05-14
3
341 Views
Last Modified: 2012-05-07
Hi domain admins,

is it possible (I don't think so) to have a second domain controller running linux and have different password policies for different user groups applied?
You know this is possible with 2008 server and PSOs in a 2008 native mode domain, but can this somehow be used if one domain controller is running samba?
Furthermore: I know that there are third party softwares (like that from specops software) that could enforce several password policies per domain - does anyone know if those would work with a samba DC?
0
Comment
Question by:McKnife
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 30

Accepted Solution

by:
LauraEHunterMVP earned 250 total points
ID: 24392232
You cannot join a non-Windows domain controller to an Active Directory domain, full stop. 2003 R2 and 2008 have a number of Unix services built into the OS, but all Active Directory domain controllers need to run the Windows Server operating system.
0
 
LVL 55

Author Comment

by:McKnife
ID: 24393707
Hi Laura!
Are you sure that the ongoing efforts with samba 4 (still beta) are not changing the situation? I will lookup some info about samba 4 at their site and come back.

Quote:
Samba 4 is the ambitious next version of the Samba suite that is being
developed in parallel to the stable 3.0 series. The main emphasis in
this branch is support for the Active Directory logon protocols used
by Windows 2000 and above.
[http://archives.free.net.ph/message/20090226.225715.77559df1.en.html]
0
 
LVL 55

Author Comment

by:McKnife
ID: 24421392
I was not able to find better info on how far the development of samba 4 has these possibilities. I was driven to ask this questions by others that were sure it is possible, so I think I'm gonna pass it back to them.
Thanks, Laura.
0

Featured Post

Enroll in June's Course of the Month

June's Course of the Month is now available! Every 10 seconds, a consumer gets hit with ransomware. Refresh your knowledge of ransomware best practices by enrolling in this month's complimentary course for Premium Members, Team Accounts, and Qualified Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

690 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question