[Samba] Samba4 DC with Secondary Questions

Kris Lou klou at themusiclink.net
Wed Jun 7 18:11:19 UTC 2017


On Wed, Jun 7, 2017 at 10:29 AM, Nowell Morris via samba <
samba at lists.samba.org> wrote:

> We are setting up a Primary DC with AD, using BIND9_DLZ, also serving
> dhcpWe have been using samba 3 with openldap for some years now and
>
successfully sync with Google Apps for our mail.
>

Good luck with this.  The last time I checked, GAPS had problems with the
way Samba4 passwords are hashed (it was expecting X format, but Samba does
it in Y).  The only way around it is to store passwords in plaintext, which
is somewhat undesirable.  GADS might work in terms of account creation on
both ends, but I haven't looked that far into it.

AFAIK, the only way to synchronize Google Apps credentials is to run it
with SSO -- which then offloads the Google Auth directly onto the S4
environment.  You'll still have issues with IMAP requiring the original
Google credentials, and I don't know how Google's 2FA would work with this
(though if you're using SSO, you'd probably have your own 2FA as well).
But if you're purely using webmail, it'll work.


Kris Lou
klou at themusiclink.net


More information about the samba mailing list