If you use Kerberos along with LDAP, you can configure the desktops to use MITv5 Kerberos from a UNIX-based realm....
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
Again, you still lose the advantages of a domain. You need Active Directory for group policies, for instance, and for a central store of groups. Also, setting up cross-realm trusts can be a challenge in MITv5 where it's a breeze in Active Directory.
If you end up deciding to synchronize between your UNIX-based LDAP service and Active Directory, you'll need to invest in a utility that keeps the two databases in sync. This can be a challenge if you have many AD-based domains, or if users can create ad hoc domains, such as on a college campus. Microsoft makes a product called Microsoft Metadirectory Service (MMS) that can do this.
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.