[Samba] LDAP/Samba Groups question

[Chris McKeever]

> 
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> On Sat, 19 Apr 2003, G. Armour Van Horn wrote:
> 
> > I'm trying to create a single structure that will serve the entire
> > organization, using LDAP replication to keep the users and groups
> > straight, which has it's own challenges, but the big mental 
> block here
> > is the domains and workgroups. I need to have a PDC in each 
> office, but
> > I can't have multiple PDCs in one domain and Samba doesn't 
> run as a BDC.
> > And some of the PDCs need to serve multiple workgroups, and 
> all of the
> > examples I've seen have a single workgroup defined in the [global]
> > section of their smb.conf files.
> 
> If you settle on a homogenous Samba solution, you can have 
> Samba a PDC and
> BDC's.  There's a howto included with the distribution that 
> covers this.
> 
> 

I am working on a similar installation.
I found this great tutorial:  http://www.skippy.net/linux/smb-howto.html

In addition, through research and talking to the above howto contributer, I
have decided to go with an LDAP authenticated SAMBA configuration.  One of
the selling points for me was the unified local/samba accounts (whereas
group membership and suthentication can be controlled from a single
source)..in addition, LDAP seems to be a bit more versatile for plugging
into other solutions down the road.

Here is a small howto on LDAP that I was reference to:
http://www.mandrakesecure.net/en/docs/ldap-auth.php

If anyone would like to send some feedback as to other pro's and con's of
either these methods (homogeneous samba/ldap authenticated samba) I am sure
others on the group would benefit and appreciate the help.

I am trying to iron out some logistics, and the more information the better
for me right now.

** G. Armour Van Horn - if you want to bounce some correspondence back and
forth, we may be able to assist each other at various roadblocks or f'ups...
**

Thanks - Chris McKeever