I called upon my colleague John Terpstra, member of the Samba open source project team, author of Samba 3 by Example (Prentice Hall PTR, 2004), and fellow SearchEnterpriseLinux.com Advisory Board member, for help in addressing this question.
You have a couple of options as to how to move forward. Much depends upon your short- and long-term plans. You mention migrating from Windows 2000 to Linux. How you move forward depends upon whether you plan to add Linux boxes to an existing Windows-based infrastructure or to make a wholesale migration to an all-Linux infrastructure. Most organizations make the former choice rather than the latter.
Based on that, a good alternative is to keep the current AD setup and integrate the Linux boxes into the environment with Samba. Samba enables Linux boxes to "look" like Windows servers and offer file and print sharing. It does this by emulating the Windows protocols used to identify and authenticate computers in an AD environment. A complete discussion of how to accomplish this is contained in Chapter 9 of John's book.
If you wish to migrate the AD setup into a Linux-based LDAP setup, you're in for more work. AD uses a number of Microsoft-specific LDAP extensions that must be put into the new LDAP configuration. Absent these extensions, the migration will not work. Your product choices include iPlanet as well as OpenLDAP, which is an open source LDAP implementation. Unfortunately, there isn't a good source of documentation for this configuration, as it is not very common. A combination of searching the web for postings, posting questions to Linux and Samba forums/mailing lists, and perhaps seeking out consultants who have performed similar migrations is your best bet.
This was first published in October 2004.