Hi all, I know this is a little off topic (although it might not be because I'm sure there's a solution involving Samba!)... but I hope one of you fine people can advise me on the best approach to achieving an integrated directory supporting Unix/Linux as a first class citizen, storing autofs maps, as well as uid, gid and home folders for each user... and how would that be managed. I see Microsoft is removing the Unix services extensions with Server 2016, so I'm really wondering what the best, and most long term sustainable way to integrate a directory so that both platforms operate as intended, and those users are manageable. -- A. James Lewis (james at fsck.co.uk (mailto:james at fsck.co.uk)) "Engineering does not require science. Science helps a lot but people built perfectly good brick walls long before they knew why cement works."
On Mon, 13 Mar 2017 20:04:30 +0000 "A. James Lewis via samba" <samba at lists.samba.org> wrote:> Hi all, > > I know this is a little off topic (although it might not be because > I'm sure there's a solution involving Samba!)... but I hope one of > you fine people can advise me on the best approach to achieving an > integrated directory supporting Unix/Linux as a first class citizen, > storing autofs maps, as well as uid, gid and home folders for each > user... and how would that be managed. > > I see Microsoft is removing the Unix services extensions with Server > 2016, so I'm really wondering what the best, and most long term > sustainable way to integrate a directory so that both platforms > operate as intended, and those users are manageable.From my understanding, they only removed the idmu server etc, they haven't removed the RFC2307 attributes. Even if they did, Samba would still have them. You can use samba-tool to manage the creation of RFC2307 users and groups. Rowland
On Mon, Mar 13, 2017 at 08:44:03PM +0000, Rowland Penny via samba wrote:> On Mon, 13 Mar 2017 20:04:30 +0000 > "A. James Lewis via samba" <samba at lists.samba.org> wrote: > > > Hi all, > > > > I know this is a little off topic (although it might not be because > > I'm sure there's a solution involving Samba!)... but I hope one of > > you fine people can advise me on the best approach to achieving an > > integrated directory supporting Unix/Linux as a first class citizen, > > storing autofs maps, as well as uid, gid and home folders for each > > user... and how would that be managed. > > > > I see Microsoft is removing the Unix services extensions with Server > > 2016, so I'm really wondering what the best, and most long term > > sustainable way to integrate a directory so that both platforms > > operate as intended, and those users are manageable. > > From my understanding, they only removed the idmu server etc, they > haven't removed the RFC2307 attributes. Even if they did, Samba would > still have them.https://blogs.technet.microsoft.com/activedirectoryua/2016/02/09/identity-management-for-unix-idmu-is-deprecated-in-windows-server/ also offers some clarification around this. Christof
Is there a good guide for how to set up a Samba based AD domain controller with RFC2307 attributes so I can experiment... I can't get the Windows guys in my company to do anything Microsoft don't provide a check box for, unless I can teach them how to do it... but I've not used any of these Windows technologies for a very long time... At least if I can show a working system then someone from the Windows team might consider looking at it.... and if I tell them to do something that ultimately doesn't work, we'll be back to square one but they will be doubly reluctant, so I need to learn more about AD than them... sigh. On 13/03/17 20:44, Rowland Penny via samba wrote:> On Mon, 13 Mar 2017 20:04:30 +0000 > "A. James Lewis via samba" <samba at lists.samba.org> wrote: > >> Hi all, >> >> I know this is a little off topic (although it might not be because >> I'm sure there's a solution involving Samba!)... but I hope one of >> you fine people can advise me on the best approach to achieving an >> integrated directory supporting Unix/Linux as a first class citizen, >> storing autofs maps, as well as uid, gid and home folders for each >> user... and how would that be managed. >> >> I see Microsoft is removing the Unix services extensions with Server >> 2016, so I'm really wondering what the best, and most long term >> sustainable way to integrate a directory so that both platforms >> operate as intended, and those users are manageable. > From my understanding, they only removed the idmu server etc, they > haven't removed the RFC2307 attributes. Even if they did, Samba would > still have them. > > You can use samba-tool to manage the creation of RFC2307 users and > groups. > > Rowland > >-- A. James Lewis (james at fsck.co.uk) "Engineering does not require science. Science helps a lot but people built perfectly good brick walls long before they knew why cement works."
On Mon, 13 Mar 2017 20:04:30 +0000 "A. James Lewis via samba" <samba at lists.samba.org> wrote:> Hi all, > > I know this is a little off topic (although it might not be because > I'm sure there's a solution involving Samba!)... but I hope one of > you fine people can advise me on the best approach to achieving an > integrated directory supporting Unix/Linux as a first class citizen, > storing autofs maps, as well as uid, gid and home folders for each > user... and how would that be managed. >I saw a talk about this sort of integration at a conference earlier this month, descriptions/slides: https://www.socallinuxexpo.org/scale/15x/presentations/integrating-linux-systems-active-directory-using-open-source-tools They streamed it to youtube but unfortunately the audio quality is poor: https://youtu.be/b4tgmhKYq6Q?t=7047