[Samba] Re: LDAP mailing list for ldapsam people

Steve Zeng szeng at mainframe.ca
Wed Mar 9 17:59:15 GMT 2005 

Tony,

It is very impressive that you installed successfully Samba and 
OpenLDAP. I am working on Samba + OpenLDAP integration. So I have a few 
questions for you.

1) Samba need computer account to be ended as $, however, with LDAP as a 
host name service, $ is not working. How do you design your ou=Computers 
or ou=Hosts subtree to solve this problem?

2) You did not use smbldap-tools, then what do you use to migrate NIS 
passwd and group and hosts into LDAP?

Thanks a lot.

Steve


> People,
> 
> I came to Samba 3 or 4 weeks ago and now have a successful ldapsam 3.0.11
> PDC installation for 1150+ users (around 80 Win 2000 and XP workstations)
> running together with a DHCP server as an "afterthought" service on a
> RHAS3 NAS server.
> 
> I adopted/adapted my already existent Openldap (2.2.17) DSE at that site)
> and wrote to this list about my experiences. For example I couldn't use
> the samba-ldap tools, hadn't reached Appendix A of the Official Samba
> HOWTO yet and had to reinvent the wheel (my solution turned out to that
> detailed in Appendix A).
> 
> I noticed on this list, that many people expect Samba/LDAP to be an
> out-of-the box solution without really understanding the ins and outs of
> LDAP. Sometimes the standard solutions don't work for them and they don't
> know why.
> 
> Choosing the right version of OpenLDAP and configuring it correctly are
> not child's play. It is not intuitive. Problems can come with:
> 
> Which OpenLDAP version to use
> How to configure it best for Samba
> How to configure Sleepycat BDB
> DSE/DIT architecture
> SSL/TLS configuration
> ACL design
> Security
> Sources of information on the web, FAQs.
> 
> A suitable mailing list for these things would be ideal. However, the
> OpenLDAP mailing list does not allow application-oriented questions; they
> are considered OT.
> 
> The list master of the following mailing list has told me that samba LDAP
> people would be welcome there. Subscribers to that list include many
> OpenLDAP ML people who are open to discussion about the above topics and
> more, and can help with them and more.
> 
> For more info, go to:
> 
> http://lists.fini.net/mailman/listinfo/ldap-interop
> 
> LDAP is one of the most powerful concepts in present-day networking and a
> single Data Base can be used for many more applications than Samba.
> 
> Best,
> 
> --Tonni
> 
> --
> mail: tonye at billy.demon.nl
> http://www.billy.demon.nl
> 
> 

-- 
Regards,

Steve Zeng
Systems Administrator
Mainframe Entertainment Inc
T: (604) 628-1000 ext 5293

More information about the samba mailing list