[Samba] Delegate Samba4 user authentication to an external LDAP server
Rowland Penny
rowlandpenny at googlemail.com
Tue Mar 3 11:41:59 MST 2015
On 03/03/15 18:29, Mario Pio Russo wrote:
> Hi Rowland
>
> yes you got it right, I have a samba 4 installation and I'd like to
> delegate the authentication to an external ldap server.
> I have noticed that in samba 4 we do not have the attribute "password", so
> my question is:
>
> if I use Samba4+Openldap (as backend) and in OpenLdap I manually add the
> attribute "password" to each user entry, and password as a link to SASL
> {SASL}username at externalldap.com , do you think that this would work? sorry
> but I have not much knowledge of how samba stores its passwords.
>
> thanks
>
OK, if you use samba 4 plus Openldap, you will not have an AD based
system, so you will need to set it up just like a samba3 NT PDC. There
are numerous howtos out there on the web.
Now, seeing as where you are posting from, you will probably not like
this, but have you considered dumping the AIX server and going entirely
AD ? you could then probably authenticate to the samba AD DC via kerberos.
Rowland
More information about the samba
mailing list