[Samba] do i need posix users/groups in ldap
This is a discussion on [Samba] do i need posix users/groups in ldap within the Samba forums, part of the Networking and Network Related category; Hi all, i'm a bit confused, can i setup samba (3.0.30) with LDAP backend, and have the &...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
06-05-2008
|
|||
|
|||
[Samba] do i need posix users/groups in ldap
Hi all, i'm a bit confused,
can i setup samba (3.0.30) with LDAP backend, and have the "posix/local linux" users and groups reside in the /etc/groups /etc/shadow ect. ect (the standard linux files) ??? or do i have to put them in ldap also ?? (is there a choice?) Greets, Collen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba 
|
|
06-05-2008
|
|||
|
|||
|
Re: [Samba] do i need posix users/groups in ldap
you'll need to put your posix users in ldap, because samba will add the
sambaSamAccount values to them in ldap. Collen Blijenberg wrote: > Hi all, i'm a bit confused, > > can i setup samba (3.0.30) with LDAP backend, and have the > "posix/local linux" users and groups > reside in the /etc/groups /etc/shadow ect. ect (the standard linux > files) ??? > > or do i have to put them in ldap also ?? > (is there a choice?) > > Greets, Collen > > > > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
|
|
06-06-2008
|
|||
|
|||
|
Re: [Samba] do i need posix users/groups in ldap
So correct me if i'm wrong,
in order to use the ldap backend, you need to insert the posix users in ldap as well ?? there is no way to get it work, with the normal basic setup (passwd shadow group ect. files) that's odd ?! Collen. Adam Williams wrote: > you'll need to put your posix users in ldap, because samba will add > the sambaSamAccount values to them in ldap. > > Collen Blijenberg wrote: >> Hi all, i'm a bit confused, >> >> can i setup samba (3.0.30) with LDAP backend, and have the >> "posix/local linux" users and groups >> reside in the /etc/groups /etc/shadow ect. ect (the standard linux >> files) ??? >> >> or do i have to put them in ldap also ?? >> (is there a choice?) >> >> Greets, Collen >> >> >> >> > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
|
|
06-06-2008
|
|||
|
|||
|
Re: [Samba] do i need posix users/groups in ldap
Collen Blijenberg wrote:
> > in order to use the ldap backend, you need to insert the posix users > in ldap as well ?? > there is no way to get it work, with the normal basic setup (passwd > shadow group ect. files) > > that's odd ?! > It isn't completely impossible, if you really wanted to have two seperate user dbs I'm sure you could hack something together, but it would completely eliminate the main advantage of LDAP. If you aren't interested in the benefits of having a single db, why are you using LDAP? Why not use one of the other simpler backends? *Michael Heydon - IT Administrator * michaelh@jaswin.com.au <mailto:michaelh@jaswin.com.au> -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
|
|
06-08-2008
|
|||
|
|||
|
[Samba] Re: do i need posix users/groups in ldap
"Collen Blijenberg" <collen@hermanjordan.nl> wrote in message news:4847FDB2.7080100@hermanjordan.nl... > Hi all, i'm a bit confused, > > can i setup samba (3.0.30) with LDAP backend, and have the "posix/local > linux" users and groups > reside in the /etc/groups /etc/shadow ect. ect (the standard linux > files) ??? > > or do i have to put them in ldap also ?? > (is there a choice?) > > Greets, Collen I have done this in the past. I haven't tried this on a recent version so I don't know if it will still work. Back then I didn't understand how to use the smbldap-tools. As the others have suggested, keeping everything in ldap makes management of your user accounts much easier. To achieve your goal, try the following: Look at the smbldap-tools files to identify the ldif file that the tools import into ldap. Import that file into ldap using your standard ldap commands. In your smb.conf file, your add user script should be the standard Linux adduser command. You can look at the Samba documentation to find the adduser script you should be using if you are not using ldap. That should work. When you add a user, the POSIX info. should be added to the /etc/passwd and the Windows info. should be added to ldap. Make sure to try this out on a test server before using it on a production box. Remember that putting everything in ldap is a better approach. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
|
|
06-11-2008
|
|||
|
|||
|
Re: [Samba] do i need posix users/groups in ldap
Coming to think of it, I actually answered something that's not really
related to you question, so please just ignore my post. On 6/11/08, Richard Foltyn <richard.foltyn@gmail.com> wrote: > On 6/6/08, Collen Blijenberg <collen@hermanjordan.nl> wrote: >> So correct me if i'm wrong, >> >> in order to use the ldap backend, you need to insert the posix users in >> ldap as well ?? >> there is no way to get it work, with the normal basic setup (passwd >> shadow group ect. files) >> >> that's odd ?! > > Actually this will work too. I have all my POSIX/Samba users in LDAP > except for the root user, since there is no point in duplicating root > in LDAP. As long as you create a samba user with smbpasswd -a root, > Samba will happily fetch the POSIX stuff from /etc/passwd. This should > work for other users as well. > > However, as others have pointed out, this totally defeats the purpose > of using LDAP in the first place. ;) > > - Richard > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
|
|
06-12-2008
|
|||
|
|||
|
Re: [Samba] do i need posix users/groups in ldap
The whole point of LDAP is to combine the (considerable) benefits of
single-source authentication and single-point administration with the robust reliability of a distributed user database. You don't have that with the shadow suite. If you use an earlier version of samba you can implement the smbpasswd backend instead of LDAP and make your life much simpler. --Charlie On Thu, Jun 5, 2008 at 10:52 AM, Collen Blijenberg <collen@hermanjordan.nl> wrote: > Hi all, i'm a bit confused, > > can i setup samba (3.0.30) with LDAP backend, and have the "posix/local > linux" users and groups > reside in the /etc/groups /etc/shadow ect. ect (the standard linux files) > ??? > > or do i have to put them in ldap also ?? > (is there a choice?) > > Greets, Collen > > > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/listinfo/samba > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
|
Linear Mode
