>As far as I know, no ldap or kerberos means no support for Active >Directory "net ads". Yes, true.
>In other words, you won't be able to join as a member server of a 2000 >or 2003 AD in native mode, but old fashioned NT40 "net rpc" commands >ought to work with a NT40 PDC or 2000 in mixed mode. Or just old peer >to peer workgroup. Maybe someone who's used samba3 "net rpc" or "net >rap" will correct me if I'm wrong. Well, you're halfway here. You _can_ *absolutely* join as a member server of a 2000 or 2003 AD in _native_ mode (yes, native mode!). You just won't be doing things via krb/ldap, you'll be doing it using rpcs. Remember, an NT server can join a native mode domain. It just can't be a _DC_ of that domain. That's what native/mixed is about...domain controllers, not server. However, there is another setting that you specify when you promote the first DC of an AD domain...whether or not you have any pre-win2k machines (and yes, you can go back by adding "Everyone" to the group "Pre-Windows 2000 Compatible Access". That's the setting that determines whether you can join/function in an AD domain. Everything else you say in that paragraph is correct. Sorry, it's just a common misconception that MS has done nothing to dissuade people from thinking (after all, you'll buy more licenses if you think you have to). ---------------------------- Jim McDonough IBM Linux Technology Center Samba Team 6 Minuteman Drive Scarborough, ME 04074 USA jmcd at us dot ibm dot com jmcd at samba dot org Phone: 1-877-228-1846 IBM tie-line: 349-5335 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
