LDAP allows all of the computers to look to one place for user authentication. So UID 100 is the same on every box. This allows multiple servers to NFS mount drives amongst each other, and share user accounts. It works very well, and in most cases, it's seamless to the admin and the user.
Suse has an awesome setup for Samba/LDAP integration. It's easy to use and config is literally a single checkbox (and a few extra parameters such as OU and Passwords and stuff). Having said that, it's non-standard, and I'd expect serious problems when you/they try to move it to Samba 4. I have a few sites that I admin on it, and I suspect Samba 4 to be a complete nightmare. But we'll cross that bridge when we get to it. Kev. -----Original Message----- From: Ian Bruseker [mailto:[EMAIL PROTECTED] Sent: Tuesday, June 26, 2007 10:23 PM To: CLUG General Subject: Re: [clug-talk] Browsing a Linux network On 6/26/07, Gustin Johnson <[EMAIL PROTECTED]> wrote: > I use samba/cifs for pretty much all file sharing these days. smb4k > is handy for browsing for shares on any given network. On my own lan > I simply have entries in my /etc/fstab for mounting the usual shares, > with user names and passwords in a credentials file. > Ya, and for a small network (I'm talking 4 computers at home, including the IPCop box) that's cool. I was just pondering how one would do it in a bigger network, where you don't know every computer's name and IP by heart. ;-) > Single sign on would likely come from kerberos, just as it does in the > Windows world (Active Directory). Of course your server services > would need to support kerberos (samba and ssh do). I used to have > kerberos authenticating samba and ssh, before I reduced the number of > machines in my lan to 3, which makes that a ridiculously overpowered solution. > This gets me to thinking, does LDAP fit into this somehow? I know it's something AD does. I'm wondering, how does one centrally manage the user accounts? Ian _______________________________________________ clug-talk mailing list [email protected] http://clug.ca/mailman/listinfo/clug-talk_clug.ca Mailing List Guidelines (http://clug.ca/ml_guidelines.php) **Please remove these lines when replying _______________________________________________ clug-talk mailing list [email protected] http://clug.ca/mailman/listinfo/clug-talk_clug.ca Mailing List Guidelines (http://clug.ca/ml_guidelines.php) **Please remove these lines when replying
