Re: [K12OSN] Samba setup w/ ldap vs NIS/NT domain

On Tue, 16 Apr 2002, James Jensen wrote:

>I'm very much interested in continuing the model that I have however it
>would *really* make my life easier if usernames & passwords were to be
>automatically synced between Samba & Linux.  It sounds like LDAP would solve
>this (and maybe other issues as well).

The nice part is that the Linux account info & the Samba account info are
not "synced" with the LDAP backend, the Linux & Samba account info are both
*pulled* out of the single LDAP backend. There is nothing to sync, it's all
in the same backend. One place for it all to work, one place for it all to
break ;-)

>I'm sure not a few would be very interested in resolving this automated sync
>issue, so here goes:
>1. What will it take to set up a Samba+LDAP server or is there an easier way
>to sync between Samba and Linux?

"easier" depends on the scale. 

With a large scale deployment, I'd say that the work I had to put into merging
all of my account info into an OpenLDAP backend was definately worth it.

With a few small servers it'd probably be too much overhead to justify given
the current tools and documentation available.

>2. Any advice for making this task less daunting for those of us who have
>limited to no experience with LDAP?

Well I wish I had a good answer for this one. I certainly see the value in
it and want to help make it more accessible. It is *hard* getting your mind
around how a directory server works and integrating into your network. It's
even more challenging trying to "package" it up so that it is easy to
implement who have limited to no experience.

I think that a good, solid, easy to implement directory server is the next
stop towards World Domination ;-) 

If anyone has a directory server up and running, I'd love it if you'd post
here to the list what you are using, how you are using it, what tools you use
to manage it, and any opinions/tips you have to offer.


