[Samba] samba4 and (pseudo) LDAP backend for users, groups and rights
marcus.mundt at forsa.de
Fri Jun 21 09:27:15 MDT 2013
I am used to Samba 3 and LDAP. But since Samba 4 I'm struggeling hard to understand what has to be done and how a possible solution might look like for our scenario. I already found out that Samba 4 comes with its own LDAP Server and if I want to use a slapd on the same system, it should listen on another port. I know that using a LDAP backend isn't supported in the current version of samba, but I'm looking for a similar solution anyway.
- LDAP-Master-Server with all the information needed
- mostly Windows XP and Windows 7 Clients
They should auto mount network drives after login (user, pass and rights from LDAP-Master)
Here is what I want to achieve:
A LDAP-Master-Server should be the basis for all users, passwords, groups, rights, rights to execute Programs, mails and mounting network drives. We are looking for a "single sign on" solution based on the LDAP-Master-Server. Our Mail-Server and some other services rely on the LDAP-Master. Now Samba should work as ADS using the Information stored on the LDAP-Master. Meaning getting users, passwords, groups, rights, drives etc. from LDAP. Is that even possible? Any ideas?
My quick guesses of possible solutions:
- Samba 4 + Slapd on the same machine. Slapd synced to LDAP-Master
- I don't know if I get this one...
- Samba 4 importing an ldif-export of our LDAP-Master, problem: how to sync?
- What about using "smbd + nmbd" instead of "samba"? What are the drawbacks and what functionalities would we sacrifice?
- Is using samba 3 + LDAP backend a possible solution? We really waited for Samba 4 and are now a bit overwhelmed by the numerous innovations. But we would like to use the most current software.
Any hints or some short step by step list with the required services and their dependencies would be highly appreciated.
Thanks for reading. Have a wonderful weekend!
More information about the samba