[Samba] Samba file server using ldap backend without AD or PDC?

Andrew Bartlett abartlet at samba.org
Mon Dec 3 04:49:11 MST 2012


On Fri, 2012-11-30 at 08:28 -0500, Brian Gold wrote:
> Hi all,
>
> I've been using samba for a few years now on a couple of file servers with a
> tdbsam backend for our user accounts. We use openldap for the vast majority
> of our identity management, so I would love to be able to tie into this. We
> recently started using sambaNTPassword in openldap for radius
> authentication, so this is populated for most of our users now.
>
> From reading through some of the documentation though, I'm a bit confused as
> to how this would be implemented. We don't currently have Active Directory
> and don't have any samba PDC/BDCs set up. Would it be necessary for us to
> have a PDC/BDC in order to use openldap as our backend?

Yes, if you have multiple servers that you wish to use this for.
Essentially you make your file servers DCs, even if you don't ever join
clients to the domain.  That way, they have the same SID, which is
stored in LDAP (normally the domain SID is per-machine).

Andrew Bartlett

-- 
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
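
The setup described in the reply above, sketched as an smb.conf fragment. This is an added example, not part of the original message; the domain name, LDAP host and DNs are hypothetical placeholders, and the parameters are the Samba 3 style ones.

```ini
# Added example: [global] section shared by every file server.
# smb.conf has no inline comments, so each note sits on its own line.
[global]
    # Hypothetical domain name; must be identical on all servers,
    # because a DC looks up its domain entry in LDAP under this name.
    workgroup = EXAMPLE
    security = user

    # Replace tdbsam with the shared OpenLDAP directory (hypothetical host).
    passdb backend = ldapsam:ldap://ldap.example.org
    ldap suffix = dc=example,dc=org
    ldap user suffix = ou=People
    ldap group suffix = ou=Groups
    ldap machine suffix = ou=Computers
    # Hypothetical bind DN; it needs read access to sambaNTPassword.
    ldap admin dn = cn=samba,dc=example,dc=org
    # Password hashes cross this link, so require StartTLS.
    ldap ssl = start tls

    # Makes the server a DC. Without this, a standalone server keeps
    # its own per-machine SID instead of the domain SID held in LDAP.
    domain logons = yes
    # yes on exactly one server (the PDC), no on all the others (BDCs).
    domain master = yes
```

After `smbpasswd -w` has stored the bind password for the `ldap admin dn`, `net getdomainsid` on each server should report the same domain SID.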



