Samba server as a domain controller
We want to expand our network and offer logons to all staff, pupils and parents via various web-based services (Moodle, email, file servers, whatever other random stuff I write). We want to avoid having to pay Microsoft any money to do this. The answer would seem to be a Samba server of some kind acting as a domain controller. Does anyone have any thoughts on the best way to go about this?
Do I use Samba 3 or 4?
Is it worth waiting for Ubuntu 10.4 LTS to come out next month? Should I install 9.10 and upgrade to 9.10 later, or should I use Debian instead?
Do I need an OpenLDAP backend, or does Samba supply its own LDAP server these days?
What's the best way of distributing policy changes to Windows workstations? I understand I can create and edit ADM files to set policies on workstations, how do I get those on to workstations? Can I install them via a share on each workstation?