[Samba] LDAP + samba + unix authentication
Adalid Bruno
adalidb at sco.com
Wed Jan 14 21:16:37 GMT 2004
Hi,
After a lot of trial and error I managed to get ldap + samba 3 running.
Samba now authenticates through ldap. But somehow the difference between
a unix and a samba login still exists.
I use smbldap-useradd.pl to create an ldap entry. There are two options:
With the "-a" option the entry contains the objectClass
"sambaSamAccount", and a lot of Windows related attributes.
Without the mentioned option, the program creates an entry with
objectClass "posixAccount" and the normal nss attributes.
Through smb.conf I have defined smbpasswd to use smbldap-useradd.pl to
update the passwd in the ldap directory.
So, now I still have to have two entries per user in the ldap directory
because with the sambaSamAccount userPasswd is {SHA}encrypted and with
the posixAccount the userPasswd is {CRYPT} encrypted. Though two entries
in LDAP is much more maintainable than anything I have seen before, I
still have the idea that things can be solved more gracefull, with one
entry and an automised password sync between unix and samba.
Any suggestions?
****
Robert,
Have you tried SCO Vintella for the password authentication?
http://www.sco.com/products/authentication/
You can doanload the software for free as a 60-eval copy at
http://www.sco.com/download/
Please let me know if it works, and what do we need to do to make it to
work.
Thanks,
-adalid
More information about the samba
mailing list