[Samba] Samba PDC+LDAP on FreeBSD

Ronan Waide waider at waider.ie
Wed Jan 22 11:28:01 GMT 2003


On January 22, lskuo at fgs.org.tw said:
> 1. What packages/ports do I need to install? Because most papers of LDAP 
> online I could find mentioned little about Openssl. However, as I know, 
> it's necessary for the option "ldap ssl = start_tls" in Samba . Also, I 
> didn't find any ports of nss_ldap, but nss_ldap was mentioned by all 
> samba+LDAP combination. What's wrong with that? nss_ladp didn't support 
> FreeBSD? Without nss_ladp, can I still achieve my goal: Samba+ LDAP as PDC?

FreeBSD doesn't support NSS, as I understand it. What the nss_*
modules do is act as lookup sources when the system needs to identify
a user, host, password, group, etc. So on a Linux system, for example,
you can instruct the system to first look in files (/etc/passwd, etc)
then try LDAP, and so on until a match is found or the sources are
exhausted.

In the case of Samba, this facility is not strictly necessary; Samba's
requirement for working NSS support is solely so it can look up a Unix
account or Group to match the SMB account or group information. You
can get around this by either creating Unix accounts for all your
Samba users, or using one of the non-unix account backends (ldap_nua,
in your case). Note, as far as I know the _nua backends are only
available in Samba 3.
 
> 2. Individual configuration/setting for every package.

Tall order. Do you have a working LDAP setup already? You seem to have
a working Samba setup, so what you want is to migrate the information
in that into LDAP. I can't help you with that, since I've not done
it. I'd suggest browsing the mailing list archives.

> 3. How to start every service?

Again, a tall order. I'm not a FreeBSD user, so I can't really help
you on this.

Cheers,
Waider.
-- 
waider at waider.ie / Yes, it /is/ very personal of me.

buzzard says, "If you are willing to put aside your kneejerk human speciesism,
    the AIs are perfectly sympathetically 'no worse' than humans." <matrix>



More information about the samba mailing list