Andrew,
Thanks for the clarification. Is there a list of the attributes Samba4 will maintain, so I can determine which ones I'll have to manually update? Andrew ----- Original Message ----- From: "Andrew Bartlett" <[email protected]> To: "Andrew Martin" <[email protected]> Cc: [email protected] Sent: Tuesday, August 28, 2012 3:32:31 AM Subject: Re: [Samba] Support for Linux Authentication with Samba4's Internal LDAP Server On Mon, 2012-08-27 at 16:42 -0500, Andrew Martin wrote: > Hello, > > > This topic has been touched on in the past, but I'd like to ask for > additional clarification on the structure of the internal LDAP server > that Samba4 provides. I currently am using OpenLDAP for authenticating > Linux servers and a number of web-based services. I also use Samba 3 > for presenting shares to Windows users, but it maintains a separate > password database. I would like to migrate to a single sign-on, > ideally using Samba4. I use the inetOrgPerson schema for users > ( http://www.andrew.cmu.edu/user/dd26/ldap.akbkhome.com/objectclass/ > inet OrgPerson.html ) and the posixGroup schema for groups > ( > http://www.andrew.cmu.edu/user/dd26/ldap.akbkhome.com/objectclass/posixGroup.html > ). Does the internal LDAP server in Samba4 support these schemas? I don't > mind writing some scripts to manually populate/update additional fields as > needed, but need to know that services which expect a regular LDAP server > would be able to utilize the Samba4 one? You should be able to use both of those, and do a simple bind against Samba4 for password validation. You can even avoid using a DN for the simple bind, we also accept user@realm and domain\user as the 'DN'. Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
