samba with openldap provisioning
Marc Muehlfeld
samba at marc-muehlfeld.de
Thu Aug 1 10:10:34 MDT 2013
Hello,
Am 01.08.2013 11:53, schrieb Nadezhda Ivanova:
> I've been trying to provision samba to use openldap backend, but have been
> unsuccessful so far, and as there are no error messages, I am not sure if I
> am doing something wrong or it is a bug introduced after development was
> discontinued. The howto has been removed from the wiki. I have a working
> installation of OpenLDAP - installed but not running (running or not, it
> seems to make no difference). I was unable to find if some special openldap
> configuration was needed, so I only have one database configured for my
> domain.
>
> This is my command line:
>
> /usr/local/samba/bin/samba-tool domain provision --use-rfc2307 --realm=
> nadya.com --domain=testdomain --host-name=drizzit --host-ip=127.0.0.1
> --adminpass=Secret123 --root=root --server-role="domain controller"
> --ldapadminpass=secret --ldap-backend-type=openldap -d 7
If you want to setup an Samba AD DC, you must use the build in LDAP
server and can't use any external. See
https://wiki.samba.org/index.php/FAQ#Is_it_planned_to_support_openLDAP_as_backend_again.3F
But the internal LDAP has many advantages (automatically replication
with every addition DC, easy ACL management, etc.). And here I store
also many aditional information in the Samba AD. Everything I had in my
openLDAP before (when I run the old NT4 style domain) could be
transfered to LDAP (for the most additional stuff you have to write a
short script by yourself) and find a good place there.
Is there any special reason why you want an openLDAP backend and can't
use the Samba AD (LDAP)?
Regards,
Marc
More information about the samba-technical
mailing list