[Samba] Samba PDC, ldap or mysql????

Mark Nehemiah mnehemiah at urschel.com
Thu Aug 25 17:28:51 GMT 2005 

On Thu, August 25, 2005 12:10 pm, John H Terpstra said:
> On Thursday 25 August 2005 10:48, Mark Nehemiah wrote:
>> Hi all,
>>        I'm under the gun to rid ourselves of the nt4 PDC which we
>> currently use.  options are A/D, samba, pgina.  I really dig pgina,
>> but dont think I can pass citrix credentials properly :(  So I'm
>> left with samba vs A/D.  A/D is well,, ummmmm   A/D, so tyring to
>> avoid it.
>>
>> Currently have used Samba file servers for years.
>> Have played with Samba PDC with2.2
>>
>> Now, going to try Samba3 pdc.  Have about 300 users.
>>
>> I'd really like to understand the advantages/disadvantages of ldap vs
>> mysql for backend.  Would like our other *windows admins* to be able to
>> add users,machines,groups etc. easily.
>>
>> I think I'd like best to store in mysql, but want to know if there's any
>> functionality I'll miss using mysql instead of ldap.  seems ldap for
>> backend has been around a while.
>>
>> I'd really like to hear from anyone using mysql for backend, or ldap
>
> It your 300 users are all at one site, and you do not need BDCs, you could
> use
> the tdbsam for the passdb backend. I believe that LDAP is the preferred
> choice because it provides a lot more flexibility than the tdbsam backend.
>
> I would not use the mysql backend because it is considered experimental
> only
> and support for it from the Samba Team is very limited.
>
> The examples I used in my book "Samba-3 by Example" are all real-world
> networks. I have deployed Samba-3 and LDAP in several large sites. It
> works
> reliably.
>
> - John T.
> --
> John H Terpstra
> Samba-Team Member
> Phone: +1 (650) 580-8668
>
> Author:
> The Official Samba-3 HOWTO & Reference Guide, 2 Ed., ISBN: 0131882228
> Samba-3 by Example, 2 Ed., ISBN: 0131882221X
> Hardening Linux, ISBN: 0072254971
> Other books in production.
>

Thanks for the quick reply John,
  all users at 1 site,  other sites will use citrix servers here for
access.  Other than the obvious *LDAP* features of using ldap, can I get
the same functionality out of using tdbsam??  sorry this Samba PDC stuff
is really new to me.  mostly concerned with *windows admins* being able
to add users, machines, etc.  ??time restrictions??  I really only need
1 pdc with some kind of failover.  rsyncing tdbsam probably would work
fine, I think:)
Consider another copy of your book sold, I'll see if I can go pick a copy
up today at lunch, if not it'll be on order.  Have some older samba
oreilly books:(
   thx again,
                  Mark

More information about the samba mailing list