[Samba] Active Directory clients in DMZ

Marc Muehlfeld mmuehlfeld at samba.org
Sat Aug 29 18:09:37 UTC 2015


Am 28.08.2015 um 21:03 schrieb shacky:
> I read the document at
> https://wiki.samba.org/index.php/OpenLDAP_as_proxy_to_AD#Authentication_against_AD_through_openLDAP_proxy
> and it tells about an OpenLDAP proxy to authenticate some external
> services through it, but I need to join some Windows clients so I
> think I cannot use it, can I?
> So could you advise me what a best practice could be?

If you have to join DMZ machines, the openLDAP proxy won't work, because
it would just provide access to underlaying LDAP. However it is not able
to understand setting e. g. AD permissions or other things the classic
LDAP don't have.


More information about the samba mailing list