[GRLUG] Samba/LDAP Help

John Wesorick john at wesorick.com
Wed Apr 23 12:37:08 EDT 2014


I'm in the process of upgrading some older servers, and I'm kind of stuck
on what I want to do with our file-sharing and authentication servers. We
currently use OpenLDAP and use it for authentication all over the place
with ~35 desktops and ~30 servers. We have 2 Macs, 3 Windows servers and 5
Windows desktops (used for a specific function, not desktop users) which
are currently treated as second-class citizens and only have local users
(i.e. no LDAP authentication), which I'm fine with keeping that way, unless
it's easy to allow them to do central authentication. Everything else is
Ubuntu. We also use Samba (3.x) just for file-sharing, using the OpenLDAP
as a backend for authentication.

Now, I prefer to use SMB/CIFS, since we do have a mix of OSs, but Samba 4
doesn't seem to support using an external LDAP authentication server
anymore and although it can work as an Active Directory server, it seems
like it's really focused on the Windows side for whatever reason, and from
what I have been able to research still seems a little flaky.

I'm not exactly tied to OpenLDAP. I am fairly comfortable with it, but I
wouldn't say I love it. I was exploring maybe using 389 Directory Server,
or Samba 4. If it were necessary, it wouldn't be a huge deal to rebuild our
domains by hand, and just make everyone use a new password.

What are you guys using in your production environments, and what would you
suggest for a secure file-server (are there options beside Samba, I
couldn't find any) and authentication server combo? Does anyone have
experience using Samba 4 in a mostly Linux environment?

Thanks,
John
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shinobu.grlug.org/pipermail/grlug/attachments/20140423/f9c9350e/attachment-0001.html>


More information about the grlug mailing list