On Mon, 2006-03-20 at 09:22 +0000, Robert Mortimer wrote: > > Hello, > > > > Is it possible to store samba passwords in ldap without configuring > > samba as a PDC? All the documents/references I've come across are > > related to using LDAP as a samba PDC backend, not as just a db file > > replacement. > > > > Thanks, > > LDAP is a heavyweight store for massive amounts of passwords and extended > data needed to for 100s or 1000s of PCs. In a workgroup there is no central > password store. In a workgroup each windows (LINUX/Samba) machine has local > users and would never consult a central authentication database so the LDAP > would only hold accounts for the local Linux machine's users. > > This is a Sledgehammer + nut situation > > I suggest you look at the normal samba database ---- I'm not entirely certain that I agree with the characterizations that you have used.
LDAP is a lightweight database system that is optimized for frequent reads and infrequent writes. There are implementations of LDAP that can be utilized for account management in UNIX/Linux (aka posix) and in Windows (Samba - Microsoft Active Directory) and these implementations often permit essentially complete integration into the underlying user/group account management. There are implementations that permit this structure to be shared among other servers so that you can attain consistent user/group account management across some/all host systems in a networked environment which makes it attractive for thoughtful application. It's not a sledgehammer + nut situation...it might be more trouble than it's worth for some administrators to learn but I use it even on networks with a small amount of users and computers because I have gotten over the hurdle of learning the implementation and have enough tools to manage things like user accounts and actually find it valuable, even in small scale deployments. Craig -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
