On Mon, 2012-08-27 at 16:42 -0500, Andrew Martin wrote: > Hello, > > > This topic has been touched on in the past, but I'd like to ask for > additional clarification on the structure of the internal LDAP server > that Samba4 provides. I currently am using OpenLDAP for authenticating > Linux servers and a number of web-based services. I also use Samba 3 > for presenting shares to Windows users, but it maintains a separate > password database. I would like to migrate to a single sign-on, > ideally using Samba4. I use the inetOrgPerson schema for users > ( http://www.andrew.cmu.edu/user/dd26/ldap.akbkhome.com/objectclass/ > inet OrgPerson.html ) and the posixGroup schema for groups > ( > http://www.andrew.cmu.edu/user/dd26/ldap.akbkhome.com/objectclass/posixGroup.html > ). Does the internal LDAP server in Samba4 support these schemas? I don't > mind writing some scripts to manually populate/update additional fields as > needed, but need to know that services which expect a regular LDAP server > would be able to utilize the Samba4 one?
You should be able to use both of those, and do a simple bind against Samba4 for password validation. You can even avoid using a DN for the simple bind, we also accept user@realm and domain\user as the 'DN'. Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
