[PLUG] smbldap-tools.
Wil Cooley
wcooley at nakedape.cc
Fri Feb 27 21:36:01 UTC 2004
On Fri, 2004-02-27 at 18:40, Jeme A Brelin wrote:
> So... I'm setting up this Samba+LDAP thing.
>
> I'm looking at these smbldap-tools for creating users and machine accounts
> and stuff. I installed 'em and configured 'em, but they don't seem to be
> doing what I'd like them to be doing.
>
> They're creating LDAP entries under People, which seems right... but
> they're ALSO creating entries in unix accounts for those people. Is that
> how it should be? It seems like a mess. Do I need unix users for each of
> the Samba users? Can't Samba just check LDAP for permissions and stuff
> instead of using filesystem permissions?
You need posixAccount attributes for username<=>UID mapping. What's
messy about it? Without LDAP, you'd need accounts in /etc/passwd and
smbpasswd--this is basically the same thing, with flat-file databases
replaced with a directory. You could, I suppose, use 'force user' and
'force group' to force all files to be owned by one user:group, but
that's enough of a corner-case that no one bothers with it.
You also get a couple of other things for free--like the ability to have
multiple boxes with a single user-name-space and "Consistent Sign-On".
Different people are more or less excited about being able to use it as
an internal addressbook.
Wil
--
Wil Cooley wcooley at nakedape.cc
Naked Ape Consulting http://nakedape.cc
* * * * Linux, UNIX, Networking and Security Solutions * * * *
* Naked Ape Consulting http://nakedape.cc *
* AIX Support & Service http://nakedape.cc/r/aix *
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://lists.pdxlinux.org/pipermail/plug/attachments/20040227/3ce81947/attachment.asc>
More information about the PLUG
mailing list