[Samba] LDAP + samba + unix authentication

Adalid Bruno adalidb at sco.com
Wed Jan 14 21:16:37 GMT 2004


Hi,
After a lot of trial and error I managed to get ldap + samba 3 running. 
Samba now authenticates through ldap. But somehow the difference between 
a unix and a samba login still exists.

I use smbldap-useradd.pl to create an ldap entry. There are two options:
With the "-a" option the entry contains the objectClass  
"sambaSamAccount", and a lot of Windows related attributes.
Without the mentioned option, the program creates an entry with 
objectClass "posixAccount" and the normal nss attributes.

Through smb.conf I have defined smbpasswd to use smbldap-useradd.pl to 
update the passwd in the ldap directory.

So, now I still have to have two entries per user in the ldap directory 
because with the sambaSamAccount userPasswd is {SHA}encrypted  and with 
the posixAccount the userPasswd is {CRYPT} encrypted. Though two entries 
in LDAP is much more maintainable than anything I have seen before, I 
still have the idea that things can be solved  more gracefull, with one 
entry and an automised password sync between unix and samba.

Any suggestions?

****
Robert,

Have you tried SCO Vintella for the password authentication?

http://www.sco.com/products/authentication/

You can doanload the software for free as a 60-eval copy at

http://www.sco.com/download/

Please let me know if it works, and what do we need to do to make it to 
work.

Thanks,
-adalid



More information about the samba mailing list