craigwhite at azapple.com
Tue Nov 15 22:45:44 GMT 2005
On Tue, 2005-11-15 at 14:30 -0800, Mont Rothstein wrote:
> Sorry for being so vague, I was tring not to be :-)
> I actually dived in days ago and I am swiming in docs, books, manuals,
> and webpages.
> Part of my challenge is that I'm not ever sure of what questions to
> Jeff's reply has helped (thanks Jeff). Looking up ldap authentication
> has brought me to pages I hadn't seen yet. I'm not sure which ones I
> want yet, but it is a start.
> I wish are had specific technical questions to ask, I really do.
> I have an LDAP server up and running as well as Samba. The two may or
> may not be integrated correctly together.
> I believe my next step is to get a windows machine to authenticate to
> the Linux server via LDAP, without having to create a Unix account for
> the user.
> The step after that will be to see if ACLs work.
> If/when I get those two then I think I'll have what I need.
> If you know any good pages on authenticting a windows client to a non-
> PDC Linux Directory Server, I would love to see them.
> Thank you for taking the time to ponder my troubles.
1 - an LDAP user (more accurately I think, a DN) would have both the
objectclasses and attributes relevant for all of the required resources
so your concept of not having to create a Linux account is absurd. If
you don't want the users to have home directories or profiles, there are
ways around that.
# ldapsearch -x -h localhost -D 'uid=craig,ou=People,dc=azapple,dc=com'
Enter LDAP Password:
# extended LDIF
# base <> with scope sub
# filter: (uid=craig)
# requesting: ALL
# craig, People, azapple.com
cn: Craig White
sambaAcctFlags: [U ]
gecos: Craig White
mail: craigwhite at azapple.com
PS - a plug for Gerry's book...
LDAP System Administration by Gerald Carter - getting a little old now,
but still a great book for getting your feet off the ground with ldap
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the samba