[Samba] samba domain vs linux network security
dharknes at umd.umich.edu
Fri Nov 11 17:10:38 GMT 2005
We use AFS/Kerberos/LDAP to provide home directories to our Linux/
Unix/OSX users, our Windows users connect into our Samba domain.
Samba has pretty good AFS support for gatewaying SMB <-> AFS
requests, at a minor weakening of filesystem security. I'm hoping
Samba4 will allow me to use Kerberos all the way through. The
biggest downside to the AFS/Kerberos/LDAP/Samba setup is complexity,
each service is a pain to setup by itself, getting them working
together nearly involved human sacrifice. But the system has been
working for about a year with 99.99% uptime.
A big thanks to all the Samba developers!
On Nov 10, 2005, at 8:27 AM, mourik jan c heupink wrote:
>> You have several options. First, there are steps that you can
>> take to
>> improve NFS security somewhat, such as restricting it to
>> particular IP
>> addresses (although IP addresses can be spoofed). Second, you can
>> NFSv4, which supports proper authentication. Third, you can use an
>> alternative means of sharing drives to Linux. I've actually been
>> using SMB to access my Linux server's drives from my Linux client, to
>> avoid setting up a separate file-sharing service. Several other
>> options exist - including SSHFS (for more of a quick-and-dirty
>> approach), AFS, and Coda, but I don't have experience with any of
> Thanks very much for the feedback.
> since nfs4 is NOT included in sles9 (apparently because it's acl
> code is not yet stable..?) I will take look at the two
> alternatives you mention.
> The feedback was very much appreciated.
> Mourik Jan
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/listinfo/samba
More information about the samba