Am 4/12/22 um 15:43 schrieb Ralph Boehme via samba:> On 4/12/22 11:20, Tobias Hachmer via samba wrote:
>> I'm quite new to Samba, especially advanced stuff. We have a single
>> standalone Samba server with user auth against (Open)LDAP (passdb
>> backend) and organizing all shares within the smb.conf.
>
> the LDAP passdb backend has pretty much fallen out of favor and only
> very few are still using this kind of setup. Therefor I highly recommend
> looking into joining the fileservers to AD, possibly Samba 4 AD with
> password replication to an LDAP server.
Ok, we want to avoid as much overhead as we can, actually.
We have an OpenLDAP infrastructure and didn't want to have a parallel
infra like AD just for the fileserver purpose.
But if this is the way to go atm, we have no other chance I assume?
Also, I think there's no chance (or not recommended) to run the
fileserver colocated to Samba 4 AD? So, we need as a first step e.g. 2
Samba 4 AD machines. And on top the three fileserver sambas, joined this AD?
Where in documentation is a good starting point for this? Especially the
password synchronization to OpenLDAP part. Do we have to sync the
passwords from Samba 4 AD to OpenLDAP? The other way round sounds better
to us if possible because of our current OpenLDAP infrastructure with
existent Password Self Service for users.
> As for configuration, that is typically stored in a registy config
> backend, cf "REGISTRY-BASED CONFIGURATION" in man smb.conf.
Thanks!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 2261 bytes
Desc: not available
URL:
<http://lists.samba.org/pipermail/samba/attachments/20220413/169bab75/smime.bin>