[Samba] Authentication Problem...
Andrew McCall
it.andrew.mccall at oldham.gov.uk
Wed Sep 11 09:29:21 GMT 2002
Hi All,
I am sure that you have all read this email a thousand times before, but I am
having problems getting the information together and checking that what I think I can do, can be done :)
At the moment, we currently have 3 or 4 sources of authentication. We have Novell thats used or all users, OpenLDAP thats used for all mail accounts and
some NT accounts that are used for things like Citrix users in addition to standalone accounts on many Solaris and Linux boxes....
We now have to unify the logon process so that the same username and passwords
are used no matter what system you are using.
At the moment, the Windows-boys :) are all for moving to Windows 2000 and using ADS, but I am a little unsure about that due to the way the non-windows
systems will intergrate into this setup, the stability of ADS and the
potential MS-creep that this will force on the network.
I know that I could do pretty much what I want to do just via Samba, however
due to the way the company works, this isn't really an option, and I must somehow integrate it to a Windows network.
Basically, what I want to do is have all the usernames and passwords stored in
an OpenLDAP server, Samba pulls the users from the OpenLDAP and offers them to the W2K ADS domain.
Everything else can be done as per normal with W2K ADS and all its management
tools.
This is the sort of situation I am trying to get : (Hope the tabs work out)
OpenLDAP ->Samba ->Windows 2K with ADS
| | |
| Major Static Shares Groups, Roaming Profiles
qmail Software Deployment
Apache Shares,Printers
UNIX Accounts
The questions I have are :
If a user was added via a W2K admin, on a W2K machine would this go back into
the OpenLDAP directory?
Can the W2K servers be used in this situation for things like managing roaming
profiles, assigning printers on login and managing groups or users, basically
all the things that would usually be done with W2K.
Can I somehow have the Samba server as a "backup" server so if the W2K domain
goes down, the users can still log on via Samba??
Overall, I think that all I want is for a W2K ADS domain to use OpenLDAP ato
authenticate its users against, this way we can fully integrate it into out network with all the OS types we have.
Does anyone have ny experience with this sort of set up?
What do people recommend?
--
Thanks,
Andrew McCall
Internet/Linux System Administrator
I.C.T. Division
Oldham MBC
Civic Centre
West Street
Oldham
OL1 1UU
Tel : 0161 911 3990
Fax : 0161 911 3998
Email : it.andrew.mccall at oldham.gov.uk
**********************************************************************
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the system manager.
This footnote also confirms that this email message has been swept by
MIMEsweeper for the presence of computer viruses.
www.oldham.gov.uk
**********************************************************************
More information about the samba
mailing list