Hello Chris, It's pretty simple to add posix attributes via ADUC - there is a "UNIX Attributes" tab. The hardest part for me is remembering to go into that tab and enable it when I create new users :) If you already have these attributes with your S3 domain, classicupgrade will migrate them. With S3, I used plain LDAP auth for all of my *nix systems, and for things like Apache, OpenVPN (by way of a custom auth script), Request Tracker, etc... We also have several in-house apps that were written to use LDAP. I decided to stay with LDAP authentication for the time being, since it only required a few config edits, though I will likely deploy new systems using winbind.
On Mon, Feb 18, 2013 at 4:57 PM, Chris Fischer <[email protected]> wrote: > Hi all, > > i'm searching the web up and down for a while now. > > I had set up an Samba4 AD from debian packages successfully. Now the goal > is, like S3 with LDAP, to use this AD for linux purposes. > At first for auth, later to bind postfix and other services to read the > directory. (When tests are successfull, i will migrate an existing > S3/OpenLDAP to S4s Active Directory. > > Now it is difficult for me to find best practises for my project. > > - Should I add posix attributes to my Domain Users and how to use this > approach in an easy way with ADUC or other tools and read them with nslcd. > or > - Should I use nslcd without posix attributes and configure some mappings > like creating uidNumber from the SID > or > - should I use WINBIND for auth. But I have found discussions about > different winbind behavior depending on S4 is used as DC or member server > in AD. In production mode, there will be the need to have linux auth on the > DC and one member server (NAS). So it would nice to get the same behavior > on both servers. > > > Thanks for your advice. > > Chris Fischer > > -- > To unsubscribe from this list go to the following URL and read the > instructions: > https://lists.samba.org/**mailman/options/samba<https://lists.samba.org/mailman/options/samba> > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
