[Samba] LDAP Access

Pluess, Tobias tpluess at ieee.org
Sun Dec 17 09:14:58 UTC 2023


Good day

I have set up a Samba Active Directory with a couple of users and also
configured the Email address for them. Now, my Email provider supports
authentication via LDAP.
This would be awesome as the users could use the same login for their
computers and for their Email, and further, if one changes the password,
the Email password is changed as well.
However, obviously, it will be necessary that the Email server gets access
to my Samba AD DC.

I am not sure if it is a wise idea to expose the Samba DC to the internet;
of course there is only one IP address that needs to have access, but still.

I have been thinking about this for a while now.

a) would it be a problem to expose the Samba DC to the internet, with the
firewall only allowing exactly one certain IP to access?
b) or should I replicate the Samba AD DC somehow, and expose only the
"copy" to the internet and replicate, say, every hour or so?

Or should I skip this idea at all?

I found it a bit painful to maintain both AD users and Email users, and
further, it is a bit confusing for some users if they need a different
password for their mail.

Any ideas?

