On Mon, Feb 7, 2011 at 2:53 PM, Raymond Norton <admin at lctn.org> wrote: > Couldn't get things working on the box I was on. In my research I found > likewise-open, installed and configured on my laptop and was able to join > the domain. Just curious if there is a reason not to go that route? Last summer I completed a large project at $WORK, getting all of our linux hosts to use AD for authentication and authorization. I evaluated Likewise, but (for reasons stated below) chose to go with a "standard" LDAP/Kerberos setup. Likewise is a decent solution for simple AD domains, but if you do any amount of automation in your AD environment, it's a disaster. Likewise creates a bunch of hidden LDAP objects which is uses to store its data instead of using the standard RFC2307 attributes on the target objects. This makes it a *lot* more complicated to maintain programmatically than it needs to be. I'd be glad to share more information with you on this if you'd like, either on or off-list. -Erik