ldap was Re: [Samba] Samba 4
lfarkas at bppiac.hu
Fri Aug 26 11:58:27 GMT 2005
Simo Sorce wrote:
>>and last but not least finaly some kind of non command line management
>>interface would be very usful. until then windows always be better:-(
> Have you ever looked at swat2 in samba4 ?
no. i'm just read the swat4.txt, but
- will it be able to manage users?
- will it be able to manage computers?
- will it be able to manage emails? even with more domains?
- will it be able to manage other services? smtp, pop3, imap, http
proxy, and new servieces can be easily added in a clean modular way?
all these information usualy keep in an ldap server and all services use
this ldap server. if we have different tools for different part of the
same ldap tree, then the whole thing are unmanagable. eg if i try to
assing an email or an email alias to a user, then i wouldn't like to
duplicate the user (since it never will in sync), but if i use a
different tool for this and a different too for user's samba attrib
management than different kind of entries will be created and that's
another nightmare. gosa is the only usable, but not the real solution.
the best thing in ms' ad is it centralized unified interface for all
kind of user attrib management, which is currently not possible in the
linux world, since there is no standard schema for many things even so
basic thing like email address. if samba solve only one part of the
whole problem without care about the other parts and everybody do it in
the same way, then it will never be a consistent, easy to use, managable
solution. even if the parts are nice, elegant, clean or even faster the
ms' own file server. exactly the same happend with samba acl and the os'
filesystems. the os, filesystem developer create different fs acls while
the sabma team use another share level acl or can us fs' acl, but no one
realy cares about how to put together the whole thing. how can i manage
this from the server side? command line tools? how can i select vaild
users without make a typo, etc. how can easily manage share's acl on an
fs which can be used eg. a linux nfs mounted directory. have you ever
try to mount a samba share through nfs or smbmount or cifs? none of them
realy usable if there are some kind of acls, force user, etc.
the whole point in the above that beside the deep techical reasons just
try to keep in mind the users (which can be sysadm and end users) point
of view. they not realy cares about the rpc calls, but they like to
easily use a clean system (if it's faster than it's a plus).
Levente "Si vis pacem para bellum!"
More information about the samba-technical