[Samba] Samba4 Integration With Google

Andrew Bartlett abartlet at samba.org
Fri Jan 18 05:42:52 MST 2013 

On Wed, 2013-01-16 at 13:59 -0800, Varoujan Avanessians wrote:
> Hello everone,
> 
> In my Company we are going through a network redesign and Planning to
> retire our Novel edirectory, and Novel Servers and replace them with Samba4
> (Over 150 Servers). We have setup a Samba4 test environment which seems to
> be working well so far. We are an organization with multiple locations and
> over 1200 users, we are also very heavy users of google apps. I have couple
> of questions that I need help with.
> 
> 1- Is it possible to Integrate samba4 with Google Apps for Single sign-on,
> I know google has and application that Integrates Microsoft Active
> Directory with Google Apps, so I assume it should be possible with Samba4
> too. Has anyone tried and used this feature with success?

I think that outputting the password sync would be a custom development
task at this point.  It will be a very useful feature for others too. 

> 2- We already have over 1200 accounts on Google. Is there a way to Import
> these user accounts into samba4?

The hard part will be getting the plaintext passwords.  Otherwise, it is
mostly a matter of just getting the data into AD-like LDIF files, and
adding them. 

You might be able to instead upgrade your Novell domain into Samba 4.0's
AD DC, if it currently backs a Samba 3.x 'classic' domain (or can be
made to), or otherwise you should be able to get the plaintext pw from
the Novell server with some work. 

> I would really appreciate any help in this matter and welcome any
> additional suggestions that you may have for a Project of this magnitude.

This certainly needs a lot of care.  What you are proposing would be one
of our larger deployments in terms of numbers of users, and is very
large in terms of number of servers (almost certainly the largest, if
you really want 150 DCs), and will be stretching our replication
capabilities.

I'll help you however I can, but you may wish to engage some
professional support as well. 

I do wish you all the best.  It is great to see folks taking Samba 4.0
as an AD DC to new and exciting places!

Andrew Bartlett

-- 
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org

More information about the samba mailing list