[Samba] Connecting Solaris 10 + samba + Mac OS X Open Directory
Jake Carroll
jake.carroll at uq.edu.au
Tue Jun 24 13:02:53 GMT 2008
Hi all,
I've recently run into a situation whereby I need samba to tackle a
task. It is complicated by multi-vendor infrastructure. I am hoping
that someone here has the knowledge and experience to say:
"been there, done that...here is how..."
To give some background to the architecture (slightly exotic)...
1. We run a large Sun SAM-FS/QFS installation (a high end hierarchical
storage management filesystem technology, for those that don't know)
2. Our clients [primarily Mac OS X 10.5 clients, but a few sparse
Windows XP/Vista clients also] mainly leverage NFS transports off a
fileservice head to get "at" their data. This fileserving load is
taken care of by a dedicated SunFire x4200 M2 x86 host
3. The few Windows systems that we do have talk to a "NFS reshared"
samba living on a Mac OS X 10.4.11 Server system
4. Our authentication source is this same Mac OS X 10.4.x Server
running Open Directory (Open LDAP wrapped in nice Apple packaging, as
I understand it!)
When a client attempts to map shares from the Sun x4200 fileserver,
all authentication credentials come from the Open LDAP Mac OS X Server
it has been bound to (by using ldapclient -manual commands). In its
current state, it works.
...however...
I'd very much like to run samba on this Solaris fileserver, so that my
windows clients can connect to it, as my Mac clients currently do over
NFS.
So, some questions:
1. How do I install a "sane" samba onto solaris 10 x86 and configure
it so that it understands the current LDAP bindings that the host has
(back to the Mac OS X 10.4.x Open Directory master)?
2. Ideally, I want my configuration so that when a user connects to
the Sun host from either windows/linux/mac, not only will it ask for
their credentials based on what is in the Mac OS X Server Open
Directory, but it will also write files as the UID/GUID in question
(just as my NFS solution currently does) with correct permissions/
ownership
I know my bindings are right. I know I can spawn a samba service on
the Mac OS X Server - and reshare NFS through it to present "smb" to
windows hosts...and it will write/authenticate correctly with correct
permissions and ownership. It is, however, cluggy, poor in terms of
file locking performance and an additional layer of unneeded
abstraction, where the more powerful Solaris host could in theory just
serve out the samba content, rather than pushing it to other layers. I
just need to find a way to make the solaris host (and samba on that
host) aware of the Open Directory binding etc.
I have *tried* to explain this config as best I can. If anyone needs
more information, please feel free to ask!
Thank you.
JC