Active Directory Domain Controller using Linux KDC as replica

Dolcino 21 Reputation points
2021-07-23T07:42:44.527+00:00

Hello,

I am wondering if it is possible to include an MIT KDC in an Active Directory realm.

I know that is is possible to create trust relationships between AD and non AD realms,

but it is possible to have a linux KDC as an replica for the AD ?

Here is the background. We would like to transfer from AD to MIT KDC since our company are not support windows remote machine anymore. Therefore, we want to change to MIT KDC from windows Ad which provide kerberos server.

Creating trust relationships could work but too complicate.

If we can set up a MIT KDC replica, we can change master and slave role based on that.

I will be very applicate if someone could give me some clue.

Thanks.

Dolcino

Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
6,565 questions
Microsoft Entra
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
21,841 questions
{count} votes

Accepted answer
  1. Daisy Zhou 24,046 Reputation points Microsoft Vendor
    2021-07-26T03:51:29.99+00:00

    Hello @Dolcino ,

    Thank you for your confirmation.

    After a lot of my research, I cannot find any references or links about your request.

    And we have no such experience, either.

    Please understand ,we mainly focus on the issues or questions about on-premise Windows AD DS or on-premise Windows AD domain.

    For your request, I suggest you can try to consult the professional engineers from Linux product.

    If it is impossible to include an MIT KDC in an Active Directory realm.

    You can create trust relationships between AD and non AD realms.

    Or you can set up Linux Domain start from scratch based on the following links.

    Setting up Samba as an Active Directory Domain Controller
    https://wiki.samba.org/index.php/Setting_up_Samba_as_an_Active_Directory_Domain_Controller

    Joining a Samba DC to an Existing Active Directory
    https://wiki.samba.org/index.php/Joining_a_Samba_DC_to_an_Existing_Active_Directory

    Hope the information above is helpful.

    Should you have any question or concern, please feel free to let us know.

    Please note: Information posted in the given link is hosted by a third party. Microsoft does not guarantee the accuracy and effectiveness of information.

    Best Regards,
    Daisy Zhou

    ============================================

    If the Answer is helpful, please click "Accept Answer" and upvote it.

    1 person found this answer helpful.

0 additional answers

Sort by: Most helpful

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.