[Samba] Samba Member Server or LDAP?

Buchan Milne bgmilne at cae.co.za
Fri Nov 15 10:01:02 GMT 2002


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> Message: 20
> From: "Nick Willey" <nwilley at ashgate.com>
> To: "Samba Mailing List" <samba at lists.samba.org>
> Date: Thu, 14 Nov 2002 15:54:42 -0500
> Subject: [Samba] Samba Member Server or LDAP?
>
> Hi,
>
> Is it possible for samba to act as a member server in a samba domain?

Yes

>
> What I'm trying to accomplish is:
>
> I already have a samba pdc setup.  Everything works fine with login
scripts,
> password change, etc. However I need to move all of the home directories
> onto another server with a much larger disk and would like to keep the
> existing server to authenticate users against.  My idea was to point
the new
> "member" server to the existing "pdc" as password server, and set the
"pdc"
> server logon home option to point to \\member\home\%u.
>
> My ultimate goal is to centralize user/machine management and only have to
> do it one one machine, but have the option of several servers available to
> all users setup on said machine.
>
> Would looking at implementing LDAP be a more efficient option?

Samba can act as a domain member, but it needs some way to be able to
map windows SIDs to UID/GIDs for permissions etc to work, so you need to
be able to sync unix accounts for this to work. LDAP is probably the
better method. But you don't need samba to store it's passwords in LDAP,
in fact with 2.2.x it may be better not to.

So, you probably need to setup LDAP (or NIS or rysnc your passwd files)
regardless. LDAP has other benefits which NIS and passwd file syncing
don't have.

Buchan

- --
|----------------Registered Linux User #182071-----------------|
Buchan Milne                Mechanical Engineer, Network Manager
Cellphone * Work            +27 82 472 2231 * +27 21 8828820x121
Stellenbosch Automotive Engineering         http://www.cae.co.za
GPG Key                   http://ranger.dnsalias.com/bgmilne.asc
1024D/60D204A7 2919 E232 5610 A038 87B1 72D6 AC92 BA50 60D2 04A7
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQE91MZLrJK6UGDSBKcRAt2EAKDHvp3sR2ZyWWrECi1XZMx2RrtBpQCfY7K1
kGJSOohySfmBgXbe4n4RKrQ=
=gUw6
-----END PGP SIGNATURE-----




More information about the samba mailing list