On Monday 15 March 2010 22:42:41 Mike wrote: > I may well be insane, but as soon as I read your question, I thought > "how novel" and now want to find out the answer, myself.
Well, not necessarily novel if I reword my question as "Would I still have to maintain two separate authentication databases if I want to use Samba4 with some non-Microsoft clients that don't have Samba installed?" For example, can Samba4 work with mail or web servers that can authenticate via "LDAP", or simple Linux workstations that I don't necessarily want to implement and maintain full-scale "ActiveDirectory(tm)"-mode authentication for? The need to maintain two separate authentication databases has been my biggest annoyance with Samba (I realize this isn't the fault of Samba but rather a consequence of Microsoft's "special" password-hashing method). That means if you don't use Samba every time you change your password, you end up with your normal password and your Windows/Samba password out of sync. If Samba4's internal LDAP server also handles basic POSIX account attributes, then using Samba4 as the "LDAP authentication server" for everything finally solves that problem (doesn't it?). Otherwise, the only option would be using the OpenLDAP backend and we're back to maintaining two separate sets of authentication data and requiring Samba on the clients for any password changes. I haven't found any documentation so far that indicates either way whether this works. For obvious reasons, the existing Samba4 documentation seems to be almost exclusively about controlling Microsoft Windows clients. If it's a case of "it SHOULD work but nobody's tested it yet", I'd be quite willing to help with the testing... -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba