[Samba] Implementing Samba4

Andrew Bartlett abartlet at samba.org
Thu Sep 2 23:37:08 MDT 2010 

On Wed, 2010-09-01 at 09:42 +0200, Juan Asensio Sánchez wrote:
> Hi
> 
> I am trying to install Samba 4 on a Ubuntu 10.04 Server machine. I have
> downloaded the sources, compiled it and installed. Now I have to do the
> provision step. I want to use an existing LDAP server (389 Directory Server)
> installed in other machine (well, really a lot of machines, yet configured
> for replication). Also, the servers only accept SSL connections. But all the
> examples I have seen in the Samba Wiki use ldapi. I have tried a lot of
> commands to configure the provisioning, but I don't understand what this
> step does:
> 
> - Create any special user in the LDAP server?
> - Create any branches in the LDAP server?
> - Add any schema?
> 
> What should be the command to make Samba work with my LDAP servers, with
> SSL? The LDAP servers also have yet user and group data (also Samba3 domain,
> but it is not being used).

This simply isn't possible.  Samba4 uses a different schema (the AD
schema).  There was an effort by Red Hat to create a system where Samba4
would talk to an LDAP server with a different schema (using schema
mapping), but this seems to have been abandoned.  

http://osdir.com/ml/freeipa-users/2010-08/msg00022.html

> After the provisioning, I have seen that is needed to start the LDAP server
> using start-slapd of the Samba package. What? What is this for?

This runs the Fedora DS/389 script, to start the instance we configure
in the way that we expect. 

> And one last question, is it possible to create interdomain trust with the
> current version of Samba4?

Not yet.  (We of course intend to support this, but we don't at this
time).

Andrew Bartlett

-- 
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Cisco Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 190 bytes
Desc: This is a digitally signed message part
URL: <http://lists.samba.org/pipermail/samba/attachments/20100903/8d51cc71/attachment-0001.pgp>

More information about the samba mailing list