[Samba] LDAP authentication and server name

Michael Stevens mike.d.stevens at gmail.com
Wed Mar 30 17:09:30 GMT 2005


I am running Samba 3.0.10 under Debian.  I have the Samba server
running with security=ADS, and I can save files to Samba shares with
my windows credentials.

We now have some users that need to save files to a share using their
UNIX user permissions.  To this end, I have set up an LDAP password
back end with OpenLDAP 2.1.30, and populated the database with the
IDEALX smbldap-tools.

So I can now connect to a share on the Samba server with my windows
login, or by connecting as a different user name, and using 
SAMBASERVER\unix-id as my login.  If I connect as my UNIX id, then
files are saved with the proper UNIX permissions.

Now comes the real problem, having shares mapped to the same Samba
server with *both* your UNIX and Windows credentials.  Since Windows
does not (as far as I can tell) allow you to authenticate to the same
server with different id's, the workaround is to set up DNS aliases
for the Samba server.  That way, for instance, you connect to
'winserver' with your windows credentials, and 'unixserver' with your
UNIX credentials.  Bear in mind again that both these DNS names point
at the same server.

Unfortunately, I can only authenticate via LDAP to the server name
that is in the netbios name = field in smb.conf (or the hostname if I
don't specify netbios name).  I have added a netbios aliases entry,
but I can't authenticate against that server name.  Is there a way to
authenticate against a LDAP server via Samba using multiple hostnames?
 For instance SAMBASERVER\unix-id and ALIAS\unix-id?



More information about the samba mailing list