[Samba] Samba & (anonymous) LDAP Authentication

Robert Heller heller at deepsoft.com
Mon Mar 29 14:43:08 MDT 2010


I am trying to things up to allow a *few* select users on a small
number of MS-Windows boxes to write to a couple of directories on a
Linux server.  Most of the users on the MS-Windows boxes will only have
anonymous (guest) read-only access to one directory and anonymous
(guest) access to the printers.

The Linux server primarily is a PXEBoot and NFS server for a group of
diskless Linux workstations.  I am using LDAP for user Authentication
for these machines.  I would *like* to have just one user authentication
database (the LDAP one).  The MS-Windows machines will *never* need to
allow things like user creation or modification (including password
changing), so Samba *should not need* the rootdn password for the LDAP
server.

I am having a hard time figuring out how to do this.  It *seems* that
Samba wants to have the rootdn password -- do I have to configure it
that way?  Or do I have to *duplicate* the user authentication in
Samba's own user database (resulting in people having their passwords
in two separate places and/or end up having two passwords for their
accounts [a Linux password and a MS-Windows password])?  The *best*
option would be for Samba to just go though pam/nss (like everything
else under Linux), but it looks like Samba no longer does things this
way.

I am using Samba 3.0.33-3.15.el5_4.1 on a CentOS 5.4 (32-bit) system.


-- 
Robert Heller             -- 978-544-6933
Deepwoods Software        -- Download the Model Railroad System
http://www.deepsoft.com/  -- Binaries for Linux and MS-Windows
heller at deepsoft.com       -- http://www.deepsoft.com/ModelRailroadSystem/
                                                                                                                       


More information about the samba mailing list