[Samba] Options integrating Samba AD DC with Identity Management sytems?

Bachmann, Philipp bachlipp at web.de
Tue Jun 14 18:56:37 UTC 2022

Dear Samba community,

from time to time the question pops up whether it has become possible to
run a Samba Active Directory Domain Controller on top of an existing
LDAP backend, e.g. OpenLDAP. I know that there was a project from Symas
which provided an "--ldap-backend-type" option to "samba-tool domain"
but this has not been updated for a long time.

So: I'd be glad to know whether there is some way to use an existing
LDAP server. My main motivation is not to use an LDAP server in the
first place, but to maintain a central, authoritative database of users;
so to ask my question in a more abstract way: What is the recommended
way to use Samba AD DC in a heterogenous environment—can I e.g. feed
Samba with identities from an identity management system (that will also
feed other systems used for authentication and authorization like
OpenLDAP, FreeIPA etc. to be used by non-Windows-systems)?

Any help will be appreciated!


More information about the samba mailing list