AW: Suitable replacement of OpenLDAP
tsdogs at briosix.org
Thu Sep 9 07:38:05 UTC 2021
Hi all, just bouncing in the discussion to add my 2c of
Basically you are simply using samba as a way to upload files to the
server where the application is running.
To do this the configuration has been using Samba with OpenLDAP as Users
backend, but it isn't directly connected to the application (beside
using a link inside the home directory of every created user).
So when you add a user you do 2 things:
1. create the user in OpenLdap (so it creates a home directory) for Samba
2. Create the same user in your application and point the home directory
for document imports
Now you might have 2 kind of situations:
1. The application is running on the same server and there is only 1
server for every installation (which seems to me your requirement)
The solution would simply drop the usage of OpenLDAP and use Samba in a
standalone environment (creating users directly in Linux and adding them
2. You need to have the same user access more servers
The solution would be to setup an AD for the users (possibly a VM to do
just that) so it serves the users to all the other hosts, and then
simply join all the SAMBA servers to the Created AD domain.
The process would be basically same as now, create the samba user and
then in application in both situations.
Just to clarify:
OpenLDAP is a generic Directory Service which was an option to provide
users to Samba in an NT1 Style domain.
SMB: is the protocol for sharing/transferring files used by MS (in
various versions SMBv1, now deprecated, SMBv2 and SMBv3).
SAMBA: implements internally the Directory Services to mimic the Active
Directory service by Microsoft which deviated from the standard LDAP
Samba now is more than just the implementation of the SMB protocol (file
sharing/transfer to be simple).
Hope it's clear and it helps you solve your problem.
More information about the samba-technical