[Samba] Connecting Solaris 10 + samba + Mac OS X Open Directory

Jake Carroll jake.carroll at uq.edu.au
Tue Jun 24 13:02:53 GMT 2008 

Hi all,

I've recently run into a situation whereby I need samba to tackle a  
task. It is complicated by multi-vendor infrastructure. I am hoping  
that someone here has the knowledge and experience to say:

"been there, done that...here is how..."

To give some background to the architecture (slightly exotic)...

1. We run a large Sun SAM-FS/QFS installation (a high end hierarchical  
storage management filesystem technology, for those that don't know)
2. Our clients [primarily Mac OS X 10.5 clients, but a few sparse  
Windows XP/Vista clients also] mainly leverage NFS transports off a  
fileservice head to get "at" their data. This fileserving load is  
taken care of by a dedicated SunFire x4200 M2 x86 host
3. The few Windows systems that we do have talk to a "NFS reshared"  
samba living on a Mac OS X 10.4.11 Server system
3. Our authentication source is this same Mac OS X 10.4.x Server  
running Open Directory (Open LDAP wrapped in nice Apple packaging, as  
I understand it!)

When a client attempts to map shares from the Sun x4200 fileserver,  
all authentication credentials come from the Open LDAP Mac OS X Server  
it has been bound to (by using ldapclient -manual commands). In it's  
current state, it works.

...however...

I'd very much like to run samba on this Solaris fileserver, so that my  
windows clients can connect to it, as my Mac clients currently do over  
NFS.

So, some questions:

1. How do I install a "sane" samba onto solaris 10 x86 and configure  
it so that it understand the current LDAP bindings that the host has  
(back to the Mac OS X 10.4.x Open Directory master)?

2. Ideally, I want my configuration so that when a user connects to  
the Sun host from either windows/linux/mac, not only will it ask for  
their credentials based on what is in the Mac OS X Server Open  
Directory, but it will also write files as the UID/GUID in question  
(just as my NFS solution currently does) with correct permissions/ 
ownership

I know my bindings are right. I know I can spawn a samba service on  
the Mac OS X Server - and reshare NFS through it to present "smb" to  
windows hosts...and it will write/authenticate correctly with correct  
permissions and ownership. It is however, cluggy, poor in terms of  
file locking performance and an additional layer of unneeded  
abstraction, where the more powerful Solaris host could in theory just  
serve out the samba content, rather than pushing it to other layers. I  
just need to find a way to make the solaris host (and samba on that  
host) aware of the Open Directory binding etc.

I have *tried* to explain this config as best I can. If anyone needs  
more information, please feel free to ask!

Thank you.

JC

More information about the samba mailing list