[Samba] Anyone doing unified logins?

Tom Warfield twarfield at astcorp.com
Mon Dec 16 21:50:01 GMT 2002

NOTE: Here is what I am looking at:
Right now I am looking at using winbind to authenticate users for our email

Currently here is how we are set up:
Individual user logins for each user who receives email
POP3 for Outlook to receive email from the server

    As it is right now for each user we have to create a login/password for
the email server, and then go to the Windows 2000 Server in Active Directory
and create another user/password.  End users do not usually know the
password since it is different than their network login.

    Our goal is to use the Windows 2000 Active Directory to authenticate the
end users for email, and also to create one account on the AD server that
will show up automatically on the Linux box so that Postfix will receive any
emails sent to their username at domain.com.  If set up properly then we would
only have to set up a user in Active Directory, then the email server (using
winbind) would now know that user exists and accept email for them.  Plus
when the user has to authenticate to receive email it would use the stored
information from AD, also if the end user changes passwords then the email
server will know about this.  None of the users need a shell account, and
currently none of them have one set up.

  So my questions to the masses:
1.   Is anyone using winbind to authenticate for email like this? Are you
using postfix?   Any horror/war stories to tell?

2.  What kind of success are you seeing? Is the email server dropping
anything email wise?
  (I have this fear that the email server might occasionally drop emails if
winbind loses contact with the AD server)

3.  We have more than one AD domain, can winbind handle more than one
domain?  Only 1 email server in this case.

4.  How often does winbind update changes from AD?  For example let's say
someone changes their password, will winbind know immediately or will it
take a while? What if we delete a user in AD?

5.  Does anyone have any other ideas on how to accomplish this goal?
(NOTE: we tried the AD4nix project and it does not work properly, also lacks
decent user support)

(Side Note-)
The Overall end goal is to find a decent solution comparable to Microsoft
Exchange using Outlook.  Preferably something that is free and we do not
have to pay for.  Using Postfix with AD to authenticate is a good step in
the right direction, and our next step will be looking at Calendaring
options that will mesh into Outlook since most end users prefer using

Thank you for any help or suggestions,
Tom Warfield

