[Samba] Samba4 DC, Auth on linux side

Chris Fischer chris_f at gmx.net
Mon Feb 18 14:57:35 MST 2013

Hi all,

i'm searching the web up and down for a while now.

I had set up an Samba4 AD from debian packages successfully. Now the 
goal is, like S3 with LDAP, to use this AD for linux purposes.
At first for auth, later to bind postfix and other services to read the 
directory. (When tests are successfull, i will migrate an existing 
S3/OpenLDAP to S4s Active Directory.

Now it is difficult for me to find best practises for my project.

- Should I add posix attributes to my Domain Users and how to use this 
approach in an easy way with ADUC or other tools and read them with nslcd.
- Should I use nslcd without posix attributes and configure some 
mappings like creating uidNumber from the SID
- should I use WINBIND for auth. But I have found discussions about 
different winbind behavior depending on S4 is used as DC or member 
server in AD. In production mode, there will be the need to have linux 
auth on the DC and one member server (NAS). So it would nice to get the 
same behavior on both servers.

Thanks for your advice.

Chris Fischer

More information about the samba mailing list