Re: LDAP: possible problems with user authentication
On Mon, Feb 22, 2010 at 10:42:31AM -0400, Germana Oliveira wrote:
> Some service (software) companies have been telling us 'not to use
> ldap for user authentication' instead they recommend us to use
> Microsoft Active Directory, this because, they say, LDAP is
> problematic, talking about domain, and hard to use - for example is
> very complicated to change a password in LDAP, versus the Graphical
> interface of Active Directory.
Probably because they sell MS Active Directory, and don't sell LDAP on
> We think, Active Directory can be a open door for our system, so we
> really want to use LDAP, because all our servers are going to be in
> So we want to know your experience with LDAP.
At a previous job I set up Samba/LDAP as a domain controller (as a test
only, it was not used in production). It worked. Windows clients could
change their passwords using the default Windows tools.
There are several GUIs for this:
ldap account manager
I'm sure there are more, but those are a few that I've tried.
There is a lot to learn if you are going to set this up yourself.
Alternatively, you could try a pre-packaged solution like SMEServer,
which will set up a domain controller for you. I tested it and it
worked, but it seemed less flexible (but very simple) than doing it by