Samba4 and Unix information

Luiz Angelo Daros de Luca luizluca at
Mon May 4 18:05:41 GMT 2009


Currently we use 2 user databases: openldap (for unix) and AD (for windows).
We keep password synced by allowing its change only via a special software
that change
user password on both databases. To reduce the management effort, we started
a project to unify this two databases. We have 2 options:

1) AD with ServiceForUnix
2) Samba (as time is not critical here)

The first one allow me to use just one tool to setup a user. I can handle
the unix part using ldap (for nss) and kerberos (for pam). Besides that,
I still can use samba as a nss+pam client solution.

The second option would be more intersting as our server farm is strongly
based on Linux. I installed samba4 apha7 in order to start some testing for
a further "controlled production environment".
However, I didn't find anything to replace ServiceForUnix. Is samba intend
to managed user uid/gid/groups/shell?

I think that, before being a complete AD replacement, samba could be used as
tool to easily provide ldap+kerberos for Linux system. It's just a little
step from where samba4 is.
Anyone that tried kerberos+ldap know that managing account in both kerberos
with ldap is a mess. What is missing? Some schemas attributes and a UID/GID


    Luiz Angelo Daros de Luca, Me.
           luizluca at

More information about the samba-technical mailing list