[Samba] Re: document request for samba + edirectory
Michal Kurowski
mkur at poczta.gazeta.pl
Wed Aug 10 18:31:30 GMT 2005
Tara Chopra [t.chopra at earthling.net] wrote:
> So i have gone through the archives and see a lot of people asking
> if samba can use edirectory as a source for user passwords. No i'm
> down the same road myself =D my company is using edirectory 8.7.3
> on Solaris and redhat enterprise linux 3. the samba server only
> needs to talk to the redhat edirectory server though. From the
> turtorials that i have read a lot pf people hook up edirectory and
> samba for a lot of user info but when it comes time for the
> passwords they rely on smbpasswd command to maintain a seperate
> samba user password database. Is there no secure way of making
> samba fetch user passwords from edirectory directly? -- Tara C.
What you need to extend your ldap server schema.
Samba specific schema definition for your server is located in samba
source distribution, in the following file:
/examples/LDAP/samba-nds.schema
To make it work in a secure way you have to make sure:
1) attributes operation (read, write, etc) permissions are set
properly
2) some sort of secure authentication (SASL, SSL/TLS) system is
deployed
Cheers,
--
Michal Kurowski
<mkur at poczta.gazeta.pl>
More information about the samba
mailing list