[Samba] Re: document request for samba + edirectory

Michal Kurowski mkur at poczta.gazeta.pl
Wed Aug 10 18:31:30 GMT 2005


Tara Chopra [t.chopra at earthling.net] wrote:
> So i have gone through the archives and see a lot of people asking 
> if samba can use edirectory as a source for user passwords. No i'm 
> down the same road myself =D my company is using edirectory 8.7.3 
> on Solaris and redhat enterprise linux 3. the samba server only 
> needs to talk to the redhat edirectory server though. From the 
> turtorials that i have read a lot pf people hook up edirectory and 
> samba for a lot of user info but when it comes time for the 
> passwords they rely on smbpasswd command to maintain a seperate 
> samba user password database. Is there no secure way of making 
> samba fetch user passwords from edirectory directly? -- Tara C.

What you need to extend your ldap server schema.
Samba specific schema definition for your server is located in samba
source distribution, in the following file:

/examples/LDAP/samba-nds.schema

To make it work in a secure way you have to make sure:

1) attributes operation (read, write, etc) permissions are set
   properly

2) some sort of secure authentication (SASL, SSL/TLS) system is
   deployed
 
Cheers,

-- 
Michal Kurowski
<mkur at poczta.gazeta.pl>




More information about the samba mailing list