Active Directory server on 6-STABLE ?
I'm looking for a good way to provide a single authentication/authorization database for multiple applications in an environment consisting of a FreeBSD server and a collection of primarily Windows (XP) clients. We do NOT want to use the old Windows Domain protocols; and it doesn't look easy to make Windows work with anything that isn't a Microsoft work-alike. Active Directory looks like a good choice; since it should be easy to access the database from just about any app that supports LDAP authentication. But so far, I haven't found an implementation of an AD-compatible server that will run on FreeBSD. (This could, in part, reflect my lack of Windows experience...) It looks like Samba4 is far enough along to provide the necessary functionality; but it doesn't build and run on FreeBSD; and I don't currently have the time available to do the porting work. So, have I completely missed some other solution? Does someone have Samba4 running on FreeBSD 6-STABLE? Do any of you have any other useful (on-topic) advice for me? Thanks, -Pat ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Active Directory server on 6-STABLE ?
Pat Lashley wrote: I'm looking for a good way to provide a single authentication/authorization database for multiple applications in an environment consisting of a FreeBSD server and a collection of primarily Windows (XP) clients. We do NOT want to use the old Windows Domain protocols; and it doesn't look easy to make Windows work with anything that isn't a Microsoft work-alike. Active Directory looks like a good choice; since it should be easy to access the database from just about any app that supports LDAP authentication. But so far, I haven't found an implementation of an AD-compatible server that will run on FreeBSD. (This could, in part, reflect my lack of Windows experience...) It looks like Samba4 is far enough along to provide the necessary functionality; but it doesn't build and run on FreeBSD; and I don't currently have the time available to do the porting work. So, have I completely missed some other solution? Does someone have Samba4 running on FreeBSD 6-STABLE? Do any of you have any other useful (on-topic) advice for me? Pat - your not going to find a good fit with FreeBSD and LDAP. The closest you will get to near-AD via Unix is here. http://directory.fedoraproject.org/wiki/Documentation You may find this will better suit your needs. It has mine. -- Best regards, Chris BOFH excuse #54: Evil dogs hypnotised the night shift ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Active Directory server on 6-STABLE ?
I have OpenLDAP running on FreeBSD 6.x. Simple, effective and reliable. You can do the same with Active Directory, but you will need Windows 2003. Msg me offlist if you want to talk about it more. On 4/25/07, Pat Lashley [EMAIL PROTECTED] wrote: I'm looking for a good way to provide a single authentication/authorization database for multiple applications in an environment consisting of a FreeBSD server and a collection of primarily Windows (XP) clients. We do NOT want to use the old Windows Domain protocols; and it doesn't look easy to make Windows work with anything that isn't a Microsoft work-alike. Active Directory looks like a good choice; since it should be easy to access the database from just about any app that supports LDAP authentication. But so far, I haven't found an implementation of an AD-compatible server that will run on FreeBSD. (This could, in part, reflect my lack of Windows experience...) It looks like Samba4 is far enough along to provide the necessary functionality; but it doesn't build and run on FreeBSD; and I don't currently have the time available to do the porting work. So, have I completely missed some other solution? Does someone have Samba4 running on FreeBSD 6-STABLE? Do any of you have any other useful (on-topic) advice for me? Thanks, -Pat ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Directory server
On Mon, Oct 02, 2006 at 07:26:20AM +0700, rithy4u- CEO wrote: Dear All, I am seeking the way how to implement FreeBSD+LDAP+Samba to build a file server for medium size business which will serv up to 60 concurrent users. But the issue is, how we get it all in one package? and join all windows clients into Samba Domain? I hope someone can help me up with this. Thanks and Best Regards, Richard Ben, CIO -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. You should be able to use FreeBSD's Samba and OpenLDAP port without issue. I haven't used Samba with LDAP (probably Active Directory in your case), but I know it's supported. As for connecting Windows clients, Samba does include a NetBIOS nameserver with WINS support. Here are a couple of links to get you started: http://aput.net/~jheiss/samba/ldap.shtml http://lilly.csoft.net/~vdebaere/handleiding/samba-activedirectory/index_en.html http://samba.org/samba/news/articles/abartlet_thesis.pdf -Damian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Directory server
On 10/1/06, rithy4u- CEO [EMAIL PROTECTED] wrote: Dear All, I am seeking the way how to implement FreeBSD+LDAP+Samba to build a file server for medium size business which will serv up to 60 concurrent users. But the issue is, how we get it all in one package? and join all windows clients into Samba Domain? I hope someone can help me up with this. Over the summer I implimented this exact setup, an MS Windows domain without any MS Windows servers, for a company of about 1000 users. There are some pretty serious draw-backs to not using MS Win 2003 as your domain controller, but with the right tools you can get pretty close; and the advantages of not using MS Windows make up the rest of the difference. Check out the how-to documents posted by others, if you have any specific questions let me know, I may be able to help. ( I didn't/don't use Kerberose, yet.) P.S. This is not an easy thing to set up. I'm not aware of any easy ldap servers so you are probably going to end up doing a lot of development work on your ldap schema, importing users, and setting up your local directory before you even look at samba. I spent about four months on my system and I had a working, although very badly constructed, system to start from. -- -- Perfection is just a word I use occasionally with mustard. --Atom Powers-- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Directory server
Dear All, I am seeking the way how to implement FreeBSD+LDAP+Samba to build a file server for medium size business which will serv up to 60 concurrent users. But the issue is, how we get it all in one package? and join all windows clients into Samba Domain? I hope someone can help me up with this. Thanks and Best Regards, Richard Ben, CIO -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: Directory server
Step by step if you wanna use Kerberos.. http://www.bayour.com/LDAPv3-HOWTO.html If you wanna use nss_ldap http://www.cultdeadsheep.org/FreeBSD/docs/Quick_and_dirty_FreeBSD_5_x_and_ns s_ldap_mini-HOWTO.html Personally I prefer nss_ldap. Kerberos is more secure, but it's a bit of rocket science to set up. and also you can use this client http://www.ldapeditor.com to manage the users in openldap. It's the best free ldap browser/editor and user management program available. -Original Message- From: [EMAIL PROTECTED] [mailto:owner-freebsd- [EMAIL PROTECTED] On Behalf Of rithy4u- CEO Sent: October 1, 2006 8:26 PM To: freebsd-questions@freebsd.org Subject: Directory server Dear All, I am seeking the way how to implement FreeBSD+LDAP+Samba to build a file server for medium size business which will serv up to 60 concurrent users. But the issue is, how we get it all in one package? and join all windows clients into Samba Domain? I hope someone can help me up with this. Thanks and Best Regards, Richard Ben, CIO -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions- [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Penrose: Virtual Directory Server
After doing a search in the list for penrose, I couldn't find any hits for this Virtual Directory Server: http://docs.safehaus.org/display/PENROSE/Home I want to use it with PostgreSQL and OpenLDAP directories. Since I didn't see anything in ports, I wondered if anyone had gotten this working on their own. -- Ian Tegebo ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Fedora Directory Server Project (release 1.0)
The posted requirements appear to be basic, though I'm wondering if anyone (with sufficient Linux experience) can comment on whether this might be successfully built on FreeBSD. http://directory.fedora.redhat.com/wiki/Main_Page _F ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Fedora Directory Server Project (release 1.0)
Le Dim 4 déc 05 à 19:11:09 +0100, Forrest Aldrich [EMAIL PROTECTED] écrivait : The posted requirements appear to be basic, though I'm wondering if anyone (with sufficient Linux experience) can comment on whether this might be successfully built on FreeBSD. http://directory.fedora.redhat.com/wiki/Main_Page According to the page http://directory.fedora.redhat.com/wiki/Building it should be possible, I don't see any show stoppers, although not trivial. To be added at http://wikitest.freebsd.org/moin.cgi/WantedPorts ? -- Th. Thomas. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
fedora directory server 1.0
Anyone know if a port is in progress? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: FreeBSD Active Directory Server
[EMAIL PROTECTED] wrote: Has anyone any experience trying to make FreeBSD an Active Directory Server? From my research and experiementation, I am under the impression that it is possible, but I have yet to come up with any articles where it has actual been done fully. it may be not relevant, or simply wrong, but IIRC, e-smith , a linux distrib that was started by mitel, ( http://www.e-smith.com/ ), has Samba *and* winXP sees it as a domain. I can't recall if it's an AD (I *think* it is, as the esmith server runs LDAP, iirc). The trick to let the client see the linux/samba server as an AD server was to disable some kind of encryption / cert related option in the client's registry. I'll see if i get hold of the colleague that worked on this and ask him the details. hope this is of some help. Beto ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: FreeBSD Active Directory Server
On Sun, 2005-07-31 at 08:43, Norberto Meijome wrote: [EMAIL PROTECTED] wrote: Has anyone any experience trying to make FreeBSD an Active Directory Server? From my research and experiementation, I am under the impression that it is possible, but I have yet to come up with any articles where it has actual been done fully. it may be not relevant, or simply wrong, but IIRC, e-smith , a linux distrib that was started by mitel, ( http://www.e-smith.com/ ), has Samba *and* winXP sees it as a domain. I can't recall if it's an AD (I *think* it is, as the esmith server runs LDAP, iirc). The trick to let the client see the linux/samba server as an AD server was to disable some kind of encryption / cert related option in the client's registry. I'll see if i get hold of the colleague that worked on this and ask him the details. hope this is of some help. Beto I've been following this tread with some interest as I am looking to replace a small network running W2k server with a BSD centred one. The Samba site - http://us2.samba.org/samba/ has some very useful information including Howtos and examples. There is however, a warning: At this time any appearance that Samba-3 is capable of acting as a domain controller in native ADS mode is limited and experimental in nature. This functionality should not be used until the Samba Team offers formal support for it. At such a time, the documentation will be revised to duly reflect all configuration and management requirements. Samba can act as a NT4-style domain controller in a Windows 2000/XP environment. However, there are certain compromises: * No machine policy files. * No Group Policy Objects. * No synchronously executed Active Directory logon scripts. * Can't use Active Directory management tools to manage users and machines. * Registry changes tattoo the main registry, while with Active Directory they do not leave permanent changes in effect. * Without Active Directory you cannot perform the function of exporting specific applications to specific users or groups. I am currently working on setting up the network, and one of the things that is quite clear is that full ADS functionality is not necessary. My view is that for a small network, roaming profiles, printer and file sharing is all that is really necessary. It looks like Samba has no problem with that. I think that the real problem with answering the original post is that the question is too general. There are a number of different examples dependant on the network requirements on the Samba site which could be taken as a start point. Rob ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: FreeBSD Active Directory Server
Robert Slade wrote: I am currently working on setting up the network, and one of the things that is quite clear is that full ADS functionality is not necessary. My view is that for a small network, roaming profiles, printer and file sharing is all that is really necessary. It looks like Samba has no problem with that. Absolutely - most of the AD functionality isn't used that much, or is under-utilised. the e-smith server sets all these things up out of the box - really nicely done. If only it was BSD... ;) Beto ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
FreeBSD Active Directory Server
Has anyone any experience trying to make FreeBSD an Active Directory Server? From my research and experiementation, I am under the impression that it is possible, but I have yet to come up with any articles where it has actual been done fully. At the minute I have samba and ldap setup, the active directory dns entries in (_ldap._tcp.dc._msdcs.{domain}). I am getting an error message when trying to join my XP client to the domain - I think it is to do with the ldap server. Any clues or points in the right direction would be helpful - I am getting the impression that this may be a big project, if it is even achieveable. Cheers, Martin ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: FreeBSD Active Directory Server
On Sat, 30 Jul 2005 20:03:56 +0800, [EMAIL PROTECTED] wrote: Has anyone any experience trying to make FreeBSD an Active Directory Server? From my research and experiementation, I am under the impression that it is possible, but I have yet to come up with any articles where it has actual been done fully. At the minute I have samba and ldap setup, the active directory dns entries in (_ldap._tcp.dc._msdcs.{domain}). I am getting an error message when trying to join my XP client to the domain - I think it is to do with the ldap server. Any clues or points in the right direction would be helpful - I am getting the impression that this may be a big project, if it is even achieveable. Cheers, Martin Samba has experimental components which support ADS, but not fully. See http://www.samba.org/ and the Official Samba Howto. In my experience it isn't currently capable to have FreeBSD run as a fully functioning ADS server. If you absolutely need ADS you may simply need to have a Windows server. If you need Windows Domain logons and ACLs etc... Samba+LDAP works beautifully, I have this implemented at my work, the only reference I needed was the Official Samba Howto. Using LDAP Account Manager also helps :) There are no problems with machines connecting to the domains, or domain logons, user profiles, or ACL's. Daniel ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]