[Samba] UNIX/Linux system authentication using Samba LDAP ?

Rowland penny rpenny at samba.org
Tue Nov 3 19:28:19 UTC 2020


On 03/11/2020 19:03, Miroslav Keš via samba wrote:
> Hello!
>
> I'm administrating a FreeBSD server in a an office where we do cross-platform development. People use both Linux and Windows workstations for the development. 
>
> I have an OpenLDAP server running on the FreeBSD server that used for both: 
>
>     - system authentication of users on the server itself and the Linux workstations 
>
>     - authentication of users for Samba shares on the server itself and for Samba servers running on the the Linux workstations. 
>
>
>
> It is quite annoying as there are 
> other applications authenticated against the 
> OpenLDAP server and suddenly the whole coexistence is gone. :-/
Hardly suddenly, we have been discussing this on here for a couple of 
years now, also this is being forced on us by Microsoft. They really 
want to get away from SMBv1, so Samba must follow them and you must have 
SMBv1 for an NT4-style domain. However, for the moment, you can still 
use NT4-style domains, Samba is just giving warning that they will 
disappear one day and when that day comes, I understand that the last 
version that does work with them will have long term security support.
>
> But anyway, is it possible to use the Samba's internal LDAP server and use it as a replacement of the OpenLDAP server? 
>
Yes this probably will be possible, what do have in ldap ?
> If so, how does the administration (e.g. adding new attribute schemas for other applications) of the Samba LDAP server look like? 
>
Pretty much like openldap, have a look here: 
https://wiki.samba.org/index.php/Samba_AD_schema_extensions


Rowland





More information about the samba mailing list