You could follow one of the general purpose samba-ldap documentations out there, because AFAIK samba is the most influencing service to depend on ldap. I cannot recall what I used but you can have a look at:
http://gentoo-wiki.com/HOWTO_LDAP_SAMBA_PDC_Basic_Setup http://www.samba-ldap.de/samba-3-pdc-mit-ldap.html the first one covers gentoo, the latter is written in german... but you get the point. One suggestion from my side is to use a OU base instead of DC based if you are using multiple (internet-)domains. To specify who can use what service, you can use ldap query-filters (eg. for apache create a group "webusers" and so on) At tme moment I use openldap for web, mail (Postfix & cyrus-imap), samba and a per user address-book. Kerberos (heimdal) and radius is also possible, but I do not use it at the moment. If you require it, I can provide you with more information or even relevant parts of the config-files. br, Robert Jesacher On 25/03/2008 14:38 Outback Dingo wrote: > As would I also like to > > On Tue, Mar 25, 2008 at 8:11 PM, Trey Sizemore <[EMAIL PROTECTED]> wrote: > >> On Mon Mar 24, 2008 04:58PM, Tim Judd wrote: >>> Jon Theil Nielsen wrote: >>>> I asked this on freebsd-net@ but got no replies. So now I ask the same >>>> question here. >>>> >>>>> Hi list! >>>>> >>>> > >>>> > I have speculated a lot about implementation of (Open)LDAP on my >>>> > sever. By I haven't yet found the right (and logical) way to do it. >>>> > I'm running FreeBSD 7.0-Release with some different server >> applications >>>> > - Samba PDC >>>> > - Virtual mail server (Postfix, MySQL, Courier-IMAP) >>>> > - VPN (currently with mpd4) >>>> > - Apache-2.2.8 web server (with PHP and MySQL) >>>> > I would like to implement LDAP for: >>>> > - authentication of UNIX/login users >>>> > - authentication of Samba users >>>> > - authentication/authorization of virtual mail users >>>> > For the first part, I got useful information from a previsous >> thread >>>> > ( >> http://unix.derkeiler.com/Mailing-Lists/FreeBSD/questions/2008-02/msg01047.html >> ) >>>> > and for the second part, i guess there is sufficient howtos to make >> it >>>> > work. >>>> > My biggest question right now is if is possible to combine all >> three >>>> > things in one data structure. And which in which order I should >> make >>>> > the different implimentions. >>>> > Excuse my total lack of understanding, but is it possible to have a >>>> > structure with a superior unit such as OU=<some organization> which >>>> > could contain several virtual domains and the actual doamin for my >>>> > PDC? >>>> > >>>> > -- >>>> > Jon Theil Nielsen >>>> >>>> Oh, i forgot one more thing: I would also like to be able to >>>> authenticate VPN users the same way. >>>> -- >>>> Jon Theil Nielsen >>>> >>> It's easy to find out if LDAP is a global solution for you. See if LDAP >>> is an available option in each port's config. >>> >>> I just finished setting up a LDAP-based email system. Samba is capable, >>> unix logins are capable. There's a good chance everything is. >>> >>> I liked the virtual part of everything, so I stopped after getting email >>> working. I didn't want to open up my system to all sorts of unix/samba >>> logins that might exploit or give me problems. >>> >>> The email system I documented isn't ready for publishing. I'm having >>> some select friends review it and proofread it first. >>> >>> If there's any interest here, I will provide a 2nd publishing to the >>> general public as a draft. Not to be used exclusively yet. >>> >>> Jon, you should be able to get most if not all of it working though. >>> >>> --Tim >> I would like to see the documentation as well. >> >> -- >> Cheers, >> Trey >> ---- >> >> The universe is change; our life is what our thoughts make it. >> --Antoninus, Marcus Aurelius >> >> Linux valkyrie 188.8.131.52-0.1-bigsmp i686 GNU/Linux >> 9:10am up 11:11, 7 users, load average: 0.98, 0.98, 1.06 >> _______________________________________________ >> firstname.lastname@example.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-questions >> To unsubscribe, send any mail to " >> [EMAIL PROTECTED]" >> > _______________________________________________ > email@example.com mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" _______________________________________________ firstname.lastname@example.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"