On Wed, 2016-07-06 at 22:54 -0400, Adrian HY wrote: > William, thanks for your quick response. My principal preference for 389-ds > is the multimaster replication. I need some Windows users can authenticate > in 389-ds but not using third-party software such as pGina.
If you want to authenticate windows hosts without pGina, you will require a MS ADDC, or Samba4 acting as an ADDC. You cannot use 389-ds for this purpose I am sorry. Samba 4 and MS ADDC both are capable of multiple master replication and complex topologies. Please see: https://technet.microsoft.com/en-us/library/cc755994%28v=ws.10%29.aspx https://wiki.samba.org/index.php/Join_an_additional_Samba_DC_to_an_existing_Active_Directory > > I know that 389-ds is just a directory but I read this post ( > http://directory.fedoraproject.org/docs/389ds/howto/howto-samba.html) and I > would like to know if the solution can be valid or if there is another > alternative. That blog is related to using a samba install to authenticate users to shares against 389-ds where an AD domain is not available. I hope that this helps you, -- Sincerely, William Brown Software Engineer Red Hat, Brisbane
signature.asc
Description: This is a digitally signed message part
-- 389-users mailing list 389-users@lists.fedoraproject.org https://lists.fedoraproject.org/admin/lists/389-users@lists.fedoraproject.org
