[Samba] LDAP with Samba4
Rowland Penny
rowlandpenny at googlemail.com
Mon Mar 9 09:49:20 MDT 2015
On 09/03/15 15:13, Adi Kriegisch wrote:
> Hey!
>
> We're still running a Samba3 Domain Controller but need to upgrade to
> Samba4/AD soon. The core of our DC is an OpenLDAP server that holds
> authentication information for many services including Samba3.
> The LDAP server gets replicated to every machine that provides some kind of
> authentication or needs local user account information; changing password
> is done on a web interface that enforces our password policy and keeps
> Samba passwords and "unix passwords" in sync.
>
> The question is how can we continue to use a LDAP server for authentication
> while keeping accounts and passwords in sync?
> Is there still some development going on for the OpenLDAP backend of
> Samba4[1]?
> How did others solve such a situation?
>
> Thanks,
> Adi
>
> [1] https://wiki.samba.org/index.php/Samba4/LDAP_Backend
Hi, just what are the services that need to authenticate via ldap ?
There is a page on the samba wiki about authenticating to samba4 AD:
https://wiki.samba.org/index.php/Authenticating_other_services_against_AD
It is not exhaustive and other services can auth via S4 AD, postfix &
dovecot for instance.
I believe that there is (or is that was?) some work going on to try and
make a samba4 AD DC use Openldap instead of the built ldap, but it seems
to have gone quiet on that front lately.
Rowland
More information about the samba
mailing list