[Samba] Storing passwords in LDAP, but not a PDC

Markus Korth mkorth at viisage.com
Mon Mar 20 16:06:41 GMT 2006


Craig White wrote:
> On Mon, 2006-03-20 at 09:22 +0000, Robert Mortimer wrote:
>>>Is it possible to store samba passwords in ldap without configuring
>>>samba as a PDC?  All the documents/references I've come across are
>>>related to using LDAP as a samba PDC backend, not as just a db file
>>LDAP is a heavyweight store for massive amounts of passwords and extended
>>data needed to for 100s or 1000s of PCs. In a workgroup there is no central
>>password store. In a workgroup each windows (LINUX/Samba) machine has local
>>users and would never consult a central authentication database so the LDAP
>>would only hold accounts for the local Linux machine's users.
>>This is a Sledgehammer + nut situation
>>I suggest you look at the normal samba database
> ----
> I'm not entirely certain that I agree with the characterizations that
> you have used.


I completely agree. I think Roberts answer might be appropriate under
certain conditions but is just to general.
LDAP isn't that difficult to use and if you already have a established
Unix based environment, including LDAP, adding a little bit
SambaSAMAccount magic is more a by-product than real work.
Maintaining samba password and user files on perhaps 10 or 15 Unix samba
servers is more work than getting samba and LDAP together...


Senior Executive - Systemadministration

Direct Phone: + 49 / 234 9787-57
Direct Fax: +49 / 234 9787-77

Viisage Technology AG
Universitaetsstrasse 160
44801 Bochum

More information about the samba mailing list