[Samba] Support for Linux Authentication with Samba4's Internal LDAP Server
Gémes Géza
geza at kzsdabas.hu
Tue Aug 28 10:30:28 MDT 2012
2012-08-28 10:32 keltezéssel, Andrew Bartlett írta:
> On Mon, 2012-08-27 at 16:42 -0500, Andrew Martin wrote:
>> Hello,
>>
>>
>> This topic has been touched on in the past, but I'd like to ask for
>> additional clarification on the structure of the internal LDAP server
>> that Samba4 provides. I currently am using OpenLDAP for authenticating
>> Linux servers and a number of web-based services. I also use Samba 3
>> for presenting shares to Windows users, but it maintains a separate
>> password database. I would like to migrate to a single sign-on,
>> ideally using Samba4. I use the inetOrgPerson schema for users
>> ( http://www.andrew.cmu.edu/user/dd26/ldap.akbkhome.com/objectclass/
>> inet OrgPerson.html ) and the posixGroup schema for groups
>> ( http://www.andrew.cmu.edu/user/dd26/ldap.akbkhome.com/objectclass/posixGroup.html ). Does the internal LDAP server in Samba4 support these schemas? I don't mind writing some scripts to manually populate/update additional fields as needed, but need to know that services which expect a regular LDAP server would be able to utilize the Samba4 one?
> You should be able to use both of those, and do a simple bind against
> Samba4 for password validation. You can even avoid using a DN for the
> simple bind, we also accept user at realm and domain\user as the 'DN'.
>
> Andrew Bartlett
>
Hi,
I can confirm this, just switched the moodle installation from
authenticating against OpenLDAP to Samba4. The only caveat was figuring
out that I couldn't bind anonymously.
Regards
Geza Gemes
More information about the samba
mailing list