RE: [Samba] Storing passwords in LDAP, but not a PDC
Hello, Is it possible to store samba passwords in ldap without configuring samba as a PDC? All the documents/references I've come across are related to using LDAP as a samba PDC backend, not as just a db file replacement. Thanks, LDAP is a heavyweight store for massive amounts of passwords and extended data needed to for 100s or 1000s of PCs. In a workgroup there is no central password store. In a workgroup each windows (LINUX/Samba) machine has local users and would never consult a central authentication database so the LDAP would only hold accounts for the local Linux machine's users. This is a Sledgehammer + nut situation I suggest you look at the normal samba database Regards Rob David Filion -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Storing passwords in LDAP, but not a PDC
On Mon, 2006-03-20 at 09:22 +, Robert Mortimer wrote: Hello, Is it possible to store samba passwords in ldap without configuring samba as a PDC? All the documents/references I've come across are related to using LDAP as a samba PDC backend, not as just a db file replacement. Thanks, LDAP is a heavyweight store for massive amounts of passwords and extended data needed to for 100s or 1000s of PCs. In a workgroup there is no central password store. In a workgroup each windows (LINUX/Samba) machine has local users and would never consult a central authentication database so the LDAP would only hold accounts for the local Linux machine's users. This is a Sledgehammer + nut situation I suggest you look at the normal samba database I'm not entirely certain that I agree with the characterizations that you have used. LDAP is a lightweight database system that is optimized for frequent reads and infrequent writes. There are implementations of LDAP that can be utilized for account management in UNIX/Linux (aka posix) and in Windows (Samba - Microsoft Active Directory) and these implementations often permit essentially complete integration into the underlying user/group account management. There are implementations that permit this structure to be shared among other servers so that you can attain consistent user/group account management across some/all host systems in a networked environment which makes it attractive for thoughtful application. It's not a sledgehammer + nut situation...it might be more trouble than it's worth for some administrators to learn but I use it even on networks with a small amount of users and computers because I have gotten over the hurdle of learning the implementation and have enough tools to manage things like user accounts and actually find it valuable, even in small scale deployments. Craig -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Storing passwords in LDAP, but not a PDC
HiHo! Craig White wrote: On Mon, 2006-03-20 at 09:22 +, Robert Mortimer wrote: Hello, Is it possible to store samba passwords in ldap without configuring samba as a PDC? All the documents/references I've come across are related to using LDAP as a samba PDC backend, not as just a db file replacement. Thanks, LDAP is a heavyweight store for massive amounts of passwords and extended data needed to for 100s or 1000s of PCs. In a workgroup there is no central password store. In a workgroup each windows (LINUX/Samba) machine has local users and would never consult a central authentication database so the LDAP would only hold accounts for the local Linux machine's users. This is a Sledgehammer + nut situation I suggest you look at the normal samba database I'm not entirely certain that I agree with the characterizations that you have used. [...] I completely agree. I think Roberts answer might be appropriate under certain conditions but is just to general. LDAP isn't that difficult to use and if you already have a established Unix based environment, including LDAP, adding a little bit SambaSAMAccount magic is more a by-product than real work. Maintaining samba password and user files on perhaps 10 or 15 Unix samba servers is more work than getting samba and LDAP together... Markus -- Senior Executive - Systemadministration Direct Phone: + 49 / 234 9787-57 Direct Fax: +49 / 234 9787-77 Viisage Technology AG Universitaetsstrasse 160 44801 Bochum Germany http://www.viisage.com -- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Storing passwords in LDAP, but not a PDC
HiHo! David Filion wrote: Is it possible to store samba passwords in ldap without configuring samba as a PDC? All the documents/references I've come across are related to using LDAP as a samba PDC backend, not as just a db file replacement. Nearly the same question has been asked one day ago, so here is the same answer:-) http://www.ofb.net/~jheiss/samba/ldap.shtml http://www.coe.tamu.edu/cs/Manuals/Samba/Samba-LDAP-HOWTO.html Have fun Markus -- Senior Executive - Systemadministration Direct Phone: + 49 / 234 9787-57 Direct Fax: +49 / 234 9787-77 Viisage Technology AG Universitaetsstrasse 160 44801 Bochum Germany http://www.viisage.com -- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Storing passwords in LDAP, but not a PDC
Hello, Is it possible to store samba passwords in ldap without configuring samba as a PDC? All the documents/references I've come across are related to using LDAP as a samba PDC backend, not as just a db file replacement. Thanks, David Filion -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Storing passwords in LDAP, but not a PDC
On Fri, 2006-03-17 at 15:43 -0500, David Filion wrote: Hello, Is it possible to store samba passwords in ldap without configuring samba as a PDC? All the documents/references I've come across are related to using LDAP as a samba PDC backend, not as just a db file replacement. yes and you don't even need samba to create the passwords providing you have other means to create the proper Windows password hashes. Craig -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba