On Mon, 14 Mar 2005, Brian E. Conklin wrote:
> Can someone tell me which would be better for performance and
> manageability for authentications lookups against a Windows2000 Active
> Directory group, LDAP or the SAMBA helper?
LDAP requires less components to install, but may have troubles with a AC
Forest of more than one tree and is somewhat tricky to configure unless
you know a little of how MS AD structure exposes itself via LDAP. First
playing a little with ldapserach or an interactive LDAP browser is
recommended.
Using Samba requires Samba to be fully installed and joined to the AD, the
rest is automatic.
If you want to use the "Microsoft Integrated Loing / NTLM" authentication
method wherby MSIE automatically logs in to the proxy with the current
user credentials then you must use Samba. LDAP is not an option for this
due to the Windows specific integration requirements (Samba Winbindd using
schannel to the NT Domain controller component of AD in the same manner
as an NT member server)
Regards
Henrik.
Received on Mon Mar 14 2005 - 10:44:33 MST
This archive was generated by hypermail pre-2.1.9 : Fri Apr 01 2005 - 12:00:02 MST