As long as I have been using Linux, I have been striving for seamless interoperability between my Linux and Windows experiences. It hasn't been easy, but over time - with enough tinkering - I have arrived at a very finely tuned setup that provides full functionality in both environments.
The big requirement for all of this is a Linux server, along with a Linux/Windows desktop.
LDAP authentication is key for true consistency. With it, we have only one source for accounts and passwords. The passwd/shadow files are still used for root and system accounts on the Linux side, but all user accounts exist only in the LDAP directory. I use OpenLDAP for this task. This Howto was helpful.
Samba is also key. My Samba server is set up as a domain controller, using LDAP authentication. This is what makes the Windows client use the same LDAP directory as the Linux client. All of this took some digging around in the Samba Howto Collection. My smb.conf is attached to this post.
I also use smbldap-tools to act as an interface between Samba and OpenLDAP. This set of tools includes useradd, passwd, etc. scripts that act on the LDAP directory.
Obviously this isn't a step-by-step howto, but merely a guideline. Besides, I honestly don't remember exactly how I did all of this :)
The hope is that it will be much easier for somebody else if they know where to look.
Moving on, the main setup now being in place, I looked to the system policy editing. As you may know, Samba does not use Windows 2000 style group policies, but rather the older NT4 style system policies. This type of policy has its drawbacks such as registry tattooing (where a policy is enforced until another policy specifies otherwise), but for our purposes it will do just fine.
The only policy setting I use is a folder redirection of My Documents to serverusernameDocuments so that I have a Documents directory right in my Linux home directory.
The system policy editor is not included with Windows XP, but one simply has to download a Windows 2000 service pack, extract it with the /x switch, and install it from there.
The policy templates file I use is attached to this post.
The latest addition to my setup is the Mozilla Thunderbird email client. With just a little tinkering I was able to configure it to use the same directory in both Linux and Windows (it uses the directory in my linux home dir).
Again, this is nowhere near a complete howto. I have neither the patience nor the experience to take on such a task. Keep in mind that this whole setup took months of playing around to achieve, only because I was starting with a blank slate.
If I were to very simply trace my footsteps, it would look something like this:
Install Samba (manually map home dir) -> setup domain controller with tdb backend (map via logon script) -> system policy -> LDAP authentication (linux) -> convert Samba to LDAP with the help of smbldap-tools -> Thunderbird.
I would be happy to offer any help I can if anybody tackles this and gets stuck at some point. Perhaps if I go through the steps with others enough times, a full howto may not be out of the question afterall.
12/05/04: Linux and Windows Interoperability
As long as I have been using Linux, I have been striving for seamless interoperability between my Linux and Windows experiences. It hasn't been easy, but over time - with enough tinkering - I have arrived at a very finely tuned setup that provides full functionality in both environments.
The big requirement for all of this is a Linux server, along with a Linux/Windows desktop. LDAP authentication is key for true consistency. With it, we have only one source for accounts and passwords. The passwd/shadow files are still used for root and system accounts on the Linux side, but all user accounts exist only in the LDAP directory. I use OpenLDAP for this task. This Howto was helpful.
Samba is also key. My Samba server is set up as a domain controller, using LDAP authentication. This is what makes the Windows client use the same LDAP directory as the Linux client. All of this took some digging around in the Samba Howto Collection. My smb.conf is attached to this post.
I also use smbldap-tools to act as an interface between Samba and OpenLDAP. This set of tools includes useradd, passwd, etc. scripts that act on the LDAP directory.
Obviously this isn't a step-by-step howto, but merely a guideline. Besides, I honestly don't remember exactly how I did all of this :) The hope is that it will be much easier for somebody else if they know where to look.
Moving on, the main setup now being in place, I looked to the system policy editing. As you may know, Samba does not use Windows 2000 style group policies, but rather the older NT4 style system policies. This type of policy has its drawbacks such as registry tattooing (where a policy is enforced until another policy specifies otherwise), but for our purposes it will do just fine. The only policy setting I use is a folder redirection of My Documents to serverusernameDocuments so that I have a Documents directory right in my Linux home directory.
The system policy editor is not included with Windows XP, but one simply has to download a Windows 2000 service pack, extract it with the /x switch, and install it from there. The policy templates file I use is attached to this post.
The latest addition to my setup is the Mozilla Thunderbird email client. With just a little tinkering I was able to configure it to use the same directory in both Linux and Windows (it uses the directory in my linux home dir).
Again, this is nowhere near a complete howto. I have neither the patience nor the experience to take on such a task. Keep in mind that this whole setup took months of playing around to achieve, only because I was starting with a blank slate. If I were to very simply trace my footsteps, it would look something like this: Install Samba (manually map home dir) -> setup domain controller with tdb backend (map via logon script) -> system policy -> LDAP authentication (linux) -> convert Samba to LDAP with the help of smbldap-tools -> Thunderbird.
I would be happy to offer any help I can if anybody tackles this and gets stuck at some point. Perhaps if I go through the steps with others enough times, a full howto may not be out of the question afterall.
Good luck!
My Samba config file Poledit Template