[Samba] samba 4 & preexisting openldap servers

Brian Gold bgold at simons-rock.edu
Mon Dec 3 11:13:11 MST 2012


Hi all,

 

We currently have a pair of openldap servers that we use pretty heavily for
some of our web product authentication and for radius. We recently added the
samba3 schema and got sambaNTPassword hashes created for our users so that
we could implement PEAP/MSCHAP to simplify our radius authentication. We
don't currently have AD or a samba PDC.

 

We have a physical samba file server currently which gets its group info
from ldap, but passwords are all stored in tdb. I was getting ready to build
a new samba file server VM that could tie into our openldap server for
authentication but I've hit a few snags along the way.

 

I just noticed that Samba4 should be hitting release in just a few days
(according to the wiki). I'm now tempted to hold off and just implement a
full-blown samba4 domain. Because samba4 is so new, though, I'm having some
trouble understanding some of the documentation. I'm not clear on how to
implement this based on our current infrastructure.

 

Can I use my existing openldap servers with samba4, or will I have to
migrate my current ldap data into samba4's own ldap server? We are currently
using a split-view BIND server for internal & external DNS. Can we continue
to use this or will we have to move our internal DNS over to Samba4's
built-in DNS server? Will I need to ditch our current DHCP server as well?


