August 03, 2010, 9:47 PM — "East is East, and West is West, and never the twain shall meet," is a line from Rudyard Kipling's The Ballad of East and West. It could also apply to Windows and Linux. If you don't know what you're doing, getting the two to meet on the network can seem like it's almost impossible. Fortunately, it has gotten easier over time.
It's not a job though for an average Linux administrator or a Windows Microsoft Certified Systems Engineer (MCSE) who's still wet behind the ears. While parts of it, such as sharing files and printers across a network between Windows and Linux systems, are simple enough, bridging the gap between Active Directory (AD) and Lightweight Directory Access Protocol (LDAP) requires some serious network engineering.
[ Linux School: Getting started with Linix ]
The first part, simply sharing files and printers, can be handled by using Samba as a server or as a client on Linux and Mac desktops. Samba is an open-source program that provides Server Message Block/Common Internet File System (SMB/CIFS) file services. With Samba, your Linux servers can act just like Windows file and printer servers to all your desktop clients. Whether your PCs run Windows 7, XP, Mac OS X, Snow Leopard, or Ubuntu, Samba can get the files to them whenever they need them without much fuss or muss.
But, once you start trying to manage logins and authentication between Linux and Windows systems with just AD or by combining LDAP and AD, things can get complicated. One way to handle this is just not to use AD at all. I know, I know, that's heresy to Windows administrators. But, for small to medium business networks, an LDAP implementation such as OpenLDAP may be all you need for both Windows and Linux servers and desktops. If you need more, there are other network directories that can work for both operating systems that come with enterprise-level support such as Novell's eDirectory.
If you can't wean yourself from AD, and let's face it, there are a lot of reasons to stick with AD, there are other approaches to Linux and Windows network rapprochement. For starters, there's Likewise Software with Likewise Enterprise.
With this program, you can Join non-Windows servers to AD. In addition, you have a centralized administration console that lets you provision and manage users and systems no matter whether they're running Linux, Unix, and Mac OS X. Last, but never least, you can use it to provide a SSO (Single Sign-on) regardless of the user's native operating system.
[ And the best Linux desktop distro of all is... ]
If you want to give it a try first, Likewise also offers Likewise Open an open-source program that lets Linux and Mac users authenticate against and join AD domains and forests. This software also enforces AD password policies across Linux systems.
Likewise isn't the only company that tries to get Linux and Windows servers to coordinate with each other. Centrify also offers programs that can get the pair working together. In Centrify's case, Centrify DirectControl works by making a non-Microsoft server, workstation or device appear as a Windows AD client. This enables Windows administrators to secure Linux and Unix systems using their familiar AD authentication, access control and Group Policy services. To this, however, requires a particular client for each version of Linux, Unix, or Mac OS X that you're running.
