[Samba] Samba and LDAP backend - howto docs problems?
minfrin at sharp.fm
Wed Mar 10 17:55:30 GMT 2004
John H Terpstra wrote:
>>Samba's LDAP configuration exists in the smb.conf file. pam_ldap /
>>nss_ldap's configuration exists in the ldap.conf file.
> Samba works with OpenLDAP, Sun iPlanet (Identity Server), IBM Tivoli
> Directory server, CA's product, Novell eDirectory, etc. So precisely how
> do you suggest we integrate all of these plus Samba so there is no
> duplication _AND_ so that the resulting code can be maintained?
All the software you've listed are LDAP servers, I was referring to
nss_ldap, an LDAP client whose config is found in /etc/ldap.conf, which
as you explain below is required for a proper functioning Samba + LDAP
I understand that nss_ldap runs on a number of platforms, which means it
is reasonably safe to assume that /etc/ldap.conf will be there, and if
it's not there, the existing LDAP config directives can be used as a
fallback, or Samba can be taught other places to look for the system's
> In my opinion, Samba has to remain independant of ALL system tools.
I agree, but Samba requires nss_ldap - if Samba is to maintain a
separate LDAP config from nss_ldap, then I would say that Samba should
not need the services of nss_ldap - it should be able to query this
information for itself.
> Given that Samba is Open Source software, who has responisbility to affect
> perfect integration? How will all the projects get integrated security and
> authentication support?
> Just remember:
> - The Samba-Team is not a massive corporation
> - We do not control any other project we may depend on
> So precisely HOW can we solve all these difficulties? I can not provide a
> better answer, other than the need for Open Source and Commercial open
> public software standards - something I am already working towards
By starting to address the fact that Samba is IMHO unnecessarily
complex. Work should be done on finding ways to simplify the config and
the operation of Samba, by looking for duplication and over-complex
elements, and finding elegant ways to simplify them. Samba's ability to
perform useful things doesn't amount to anything, if it takes a PHD to
figure out how those useful things work.
> The HOWTO is a document that aims to expound HOW the tools can be used.
> The Samba-3 by Example book aims to provide working solutions. It is
> unrealistic to attempt to do both in one book. Even as it is, the HOWTO is
> too big. The major improvement I have planned for the HOWTO is improved
> indexing - in time this will happen. As to content - please contribute.
I think it would be far more valuable to spend time simplifying the
software rather than trying to add even more documentation, of which
there is already a significant amount.
More information about the samba