AW: Suitable replacement of OpenLDAP

Alessandro Briosi tsdogs at
Thu Sep 9 07:38:05 UTC 2021

Hi all, just bouncing in the discussion to add my 2c of 

Basically you are simply using samba as a way to upload files to the 
server where the application is running.

To do this the configuration has been using Samba with OpenLDAP as Users 
backend, but it isn't directly connected to the application (besides 
using a link inside the home directory of every created user).

So when you add a user you do 2 things:
1. Create the user in OpenLDAP (so it creates a home directory) for Samba
2. Create the same user in your application and point the home directory 
for document imports

Now you might have 2 kinds of situations:
1. The application is running on the same server and there is only 1 
server for every installation (which seems to me your requirement)
The solution would simply drop the usage of OpenLDAP and use Samba in a 
standalone environment (creating users directly in Linux and adding them 
to samba)

2. You need to have the same user access more servers
The solution would be to set up an AD for the users (possibly a VM to do 
just that) so it serves the users to all the other hosts, and then 
simply join all the SAMBA servers to the created AD domain.

The process would be basically the same as now, create the samba user and 
then in the application in both situations.

Just to clarify:
OpenLDAP is a generic Directory Service which was an option to provide 
users to Samba in an NT1 Style domain.
SMB: is the protocol for sharing/transferring files used by MS (in 
various versions SMBv1, now deprecated, SMBv2 and SMBv3).

SAMBA: implements internally the Directory Services to mimic the Active 
Directory service by Microsoft which deviated from the standard LDAP 
protocol specifications.

Samba now is more than just the implementation of the SMB protocol (file 
sharing/transfer to be simple).

Hope it's clear and it helps you solve your problem.
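
Situation 1 above (standalone Samba with local Linux accounts, no OpenLDAP), sketched as an added example that is not part of the original message or of the Samba project's documentation. The per-user share layout, the permission masks and the user name `alice` are assumptions for illustration.

```ini
# Constructed example smb.conf for a single-server install without OpenLDAP.
# Accounts live in /etc/passwd plus Samba's local tdbsam password database.
[global]
    server role = standalone server
    security = user
    passdb backend = tdbsam
    # SMBv1 is deprecated: refuse to negotiate it
    server min protocol = SMB2
    # Failed logins are rejected instead of being mapped to a guest account
    map to guest = never
    # The server is only used for file upload, so no printer shares
    load printers = no

# One private share per user, backed by the Linux home directory
[homes]
    comment = Per-user upload directory
    browseable = no
    read only = no
    # %S expands to the share name, i.e. only the owner may connect
    valid users = %S
    create mask = 0640
    directory mask = 0750

# Per-user provisioning, run as root ("alice" is a placeholder name and
# the nologin path varies by distribution):
#   useradd -m -s /usr/sbin/nologin alice
#   smbpasswd -a alice
# The first command creates the Linux account and home directory without
# shell access; the second adds the account to Samba's password database.
# Then create the same user in the application and point its import
# directory at the home directory, as before.
#
# Check the file for syntax errors with: testparm -s
```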

