[Samba] Support for Linux Authentication with Samba4's Internal LDAP Server
Andrew Martin
amartin at xes-inc.com
Tue Aug 28 16:13:03 MDT 2012
Andrew,
Thanks for the clarification. Is there a list of the attributes Samba4 will maintain, so I can determine which ones I'll have to manually update?
Andrew
----- Original Message -----
From: "Andrew Bartlett" <abartlet at samba.org>
To: "Andrew Martin" <amartin at xes-inc.com>
Cc: samba at lists.samba.org
Sent: Tuesday, August 28, 2012 3:32:31 AM
Subject: Re: [Samba] Support for Linux Authentication with Samba4's Internal LDAP Server
On Mon, 2012-08-27 at 16:42 -0500, Andrew Martin wrote:
> Hello,
>
>
> This topic has been touched on in the past, but I'd like to ask for
> additional clarification on the structure of the internal LDAP server
> that Samba4 provides. I currently am using OpenLDAP for authenticating
> Linux servers and a number of web-based services. I also use Samba 3
> for presenting shares to Windows users, but it maintains a separate
> password database. I would like to migrate to a single sign-on,
> ideally using Samba4. I use the inetOrgPerson schema for users
> ( http://www.andrew.cmu.edu/user/dd26/ldap.akbkhome.com/objectclass/
> inet OrgPerson.html ) and the posixGroup schema for groups
> ( http://www.andrew.cmu.edu/user/dd26/ldap.akbkhome.com/objectclass/posixGroup.html ). Does the internal LDAP server in Samba4 support these schemas? I don't mind writing some scripts to manually populate/update additional fields as needed, but need to know that services which expect a regular LDAP server would be able to utilize the Samba4 one?
You should be able to use both of those, and do a simple bind against
Samba4 for password validation. You can even avoid using a DN for the
simple bind, we also accept user at realm and domain\user as the 'DN'.
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
More information about the samba
mailing list