[Samba] last ldap question ;-)

[Paul Gienger]

> if you have ldap and samba configured together do you still need to 
> have local accounts in /etc/passwd in order to use smbpasswd or 
> pdbedit utility?  (_fact_: smbldap-useradd.pl using them anyway _fact_)

You're going to love this... that depends.

IF you want your system(s) to authenticate against LDAP, independant of 
samba, then no, those user accounts will be stored in the LDAP store.  
If you are just storing samba data in ldap and don't care about network 
authentication at the system level, then yes you do.  There are many 
independant pieces of the puzzle that you can configure any way you want.

Note: putting samba in ldap and not using ldap for anything but storage 
of samba data (that is, with users in the system password file) is 
really quite a bit of overkill, that's what tdbsam is for.   I guess you 
could use winbind against your ldap server if you really wanted to 
though, which could work just fine.  It's really up to the way you 
wanted to set it up.

I would assume (and we know where that gets you) that most of the time, 
posix data is stored in LDAP first, the system authenticates just fine 
against LDAP, and then people would try to layer on samba support.  From 
the amount of problems people seem to be having, that doesn't seem to be 
the case.

>
> Thank you.
>
> Sincerely,
> Kiryl.
>

-- 
Paul Gienger                     Office: 701-281-1884
Applied Engineering Inc.         
Information Systems Consultant   Fax:    701-281-1322
URL: www.ae-solutions.com        mailto: pgienger at ae-solutions.com