SAMBA on OS X Server [SEC=UNCLASSIFIED]

walter.hill at customs.gov.au walter.hill at customs.gov.au
Mon Mar 1 20:40:54 MST 2010



> 
> On Fri, 2010-02-26 at 14:35 +0800, walter.hill at customs.gov.au wrote:
> > Hi,
> >
> > I'm seeking some technical assistance and John Terpstra kindly
suggested
> > that I should post my problem to this list.
> >
> > We operate a mixture of Apple X-Serves (Intel and G5) running OS X
> > (10.6.x and 10.5.y), Windows 2003 servers and XP x32 and XP x64
client
> > PCs (Mac Pros and MacBook Pros) in a domain environment.
> >
> > The X-Serves provide Directory Services (Open Directory Master),
online
> > storage X-SAN and domain services using Apple's samba build
> > (3.0.28a-apple).
> >
> > We are in the *slow* process of migrating the servers to 2008R2
(x64)
> > and the clients to Win 7 (x32 and x64).
> >
> > The immediate issue is making the 2008R2 server a domain member (I
have)
> > but I've uncovered what I believe is the "trust problem" addressed
by
> > samba 3.4.4 - SIDs aren't resolving back to their actual names.
> >
> > I relied upon http://wiki.samba.org/index.php/Windows7 to make the
> > 2008R2 server a domain member.
> >
> > Apple's website provides a link to
> > http://www.apple.com/downloads/macosx/unix_open_source/samba.html
samba
> > (source) which I'm attempting to compile so that I can use it on our
> > X-Serves. I'm obviously missing something though and need
assistance.
> > Just to repeat this isn't a standalone instance of samba on OS X (I
have
> > found earlier references to running samba on older versions of OS X
and
> > on iPhones) as it must integrated with Apple's LDAP implantation
which
> > forms the basis of Open Directory serices.
> 
> So, in short, you want to update the Samba on OSX from 3.0 to 3.5,
while
> keeping it's hooks to Open Directory.

Yes. Apple don't appear to be too punctual in updating their enclosed
samba implementation. I have experienced an annoying range of other
issues with Apple SAMBA that have well and truly been fixed in later
samba releases. 

Example: (1) 64bit XP integration - Some users could log in but others
could not. (2) Unable to see samba groups (as opposed to users) from XP
computers which was required to apply permissions.

> 
> It isn't trivial porting Apple's modified Samba 3.0 release to Samba
> 3.5, but it should be possible - I'm sure Apple has complied with
their
> GPL obligations and all the tools you need are present.  It will be
hard
> work however, but if you do take it on, I'm sure you can post
questions
> here about the details.
> 
> The main task would be to adapt their passdb and auth modules to the
> later Samba releases.  I don't think those interfaces have changed
much,
> but it won't be just a matter of recompiling.
> 
> I hope this helps,
> 
> Andrew Bartlett
> 
> --
> Andrew Bartlett
http://samba.org/~abartlet/
> Authentication Developer, Samba Team           http://samba.org
> Samba Developer, Cisco Inc.


***************************************************************************************************
IMPORTANT:

* This transmission is intended for the use of the addressee only and might contain sensitive or legally privileged information. If you are NOT the intended recipient, you are notified that any use or dissemination of this communication is strictly prohibited. If you receive this transmission in error, please notify the author immediately by telephone and delete all copies of this transmission together with any attachments. 

* The Australian Customs and Border Protection Service DOES NOT AUTHORISE the recipient to further disclose this email or its contents without permission of the originator.

* Unsolicited commercial emails MUST NOT be forwarded to the originator of this transmission unless prior consent has been given.

***************************************************************************************************


More information about the samba-technical mailing list