We have a Linux environment (mostly RHEL 6.x) with a few standalone Windows boxes for specific tasks. The Linux setup uses LDAP to centralise all the account handling, passwords etc. However, the Windows boxes each have their own user accounts created individually, which is a pain.
I know you can use Samba to attach Linux boxes to Active Domain, or even use Samba as a Linux Active Domain controller for Windows boxes. But we don't really want to have an AD to look after, we're happy with LDAP etc.
Is there an easy way to attach non-AD Windows boxes to LDAP so any LDAP user can log on to them and have an account created on the Windows box automatically? Or am I asking for trouble?
Failing that, what's the minimum that would be involved in running a small AD for all the Windows boxes and using LDAP as the main account store?