We have a network of PCs running XP and servers running Win 2k and Win 2003.
User Account management is done with Active Directory (AD). We want to add some
Sun Solaris computers to this network. One of the network guys said that Samba
could be used as a single sign on solution for a network of Windows and Solaris
computers. He said that Samba 3.x provided the capability to use Active
Directory to manage/synchronize the user accounts. In other words, with Samba,
the accounts on the AD server could be used when logging onto the Solaris
computers, the Xp computers, and the Windows servers.
I have done some reading and do not see where samba provides a single sign
on solution. Am I missing something or did the other guy misinterrupt the Samba
capabilities?
Thanks in advance for any info I can get on this.
Regards,
Greg
greg.mani@navy.mil
On Thu, Feb 12, 2004 at 02:44:57PM -0800, Mani, Greg SPAWAR wrote:> We have a network of PCs running XP and servers running Win 2k and Win 2003. User Account management is done with Active Directory (AD). We want to add some Sun Solaris computers to this network. One of the network guys said that Samba could be used as a single sign on solution for a network of Windows and Solaris computers. He said that Samba 3.x provided the capability to use Active Directory to manage/synchronize the user accounts. In other words, with Samba, the accounts on the AD server could be used when logging onto the Solaris computers, the Xp computers, and the Windows servers. > I have done some reading and do not see where samba provides a single sign on solution. Am I missing something or did the other guy misinterrupt the Samba capabilities?You're missing something :-). Read up on winbind and the ability to add a Samba server into a AD domain. Jeremy.
"Mani, Greg SPAWAR" <greg.mani@navy.mil> wrote in message news:00E4BF0C009B8544B4010B1D6D86E42A0144A592@NAWESPSCEX08VA.nadsuswe.nads.navy.mil...> We have a network of PCs running XP and servers running Win 2k andWin 2003. User Account management is done with Active Directory (AD). We want to add some Sun Solaris computers to this network. One of the network guys said that Samba could be used as a single sign on solution for a network of Windows and Solaris computers. He said that Samba 3.x provided the capability to use Active Directory to manage/synchronize the user accounts. In other words, with Samba, the accounts on the AD server could be used when logging onto the Solaris computers, the Xp computers, and the Windows servers. You did not specify how you wanted to use the Solaris machines. Do you want to run Solaris applications on them or do you want them to be able to access shares on the Windows network? Samba will allow your Unix/Linux machines to access Windows shares. This happens because Samba uses the same SMB/CIFS protocol that Windows uses. Single Sign On (SSO) to me is a separate issue. SSO allows you to have one database of usernames and passwords. Users can access this database and be authenticated no matter which operating system they are using. OpenLDAP is one of the user database backends that Samba 3.x can use. If you use an OpenLDAP database of usernames and passwords, Windows clients and Linux/Unix clients can use it for authentication. To do this you would need to use a Linux/Unix machine running Samba and OpenLDAP for authentication. The Linux/Unix client's don't need Samba. OpenLDAP can be used to replace the traditional password files that Linux/Unix machines use for user authentication. The Windows clients need Samba and OpenLDAP. A Samba member server can authenticate against Active Directory, However, Samba will not allow you to use Active Directory to authenticate the Solaris boxes. This is my understanding of how the process works. Perhaps John or Jerry would like to comment.