SAMBA
2005-Dec-01 18:47 UTC
[Samba] Unresolved Questions for Active Directory Kerberos/LDAP/AD4Unix or SFU35 support?
I have been digging around for information on this in either online or published books, but I haven't yet found the answer. I am interested in AD connectivity through AD Kerberos/LDAP/SFU or AD Kerberos/LDAP/AD4Unix. I have a pure win2k3 environment, so there is no backwards support via PDC emulator. Published books document older NT-like environments. *cries* If there are any documents, how-tos, etc., I would appreciate any pointers...

Questions:

- Is anything needed on the client configuration for Kerberos outside of SAMBA? Do I use Kerberos PAM modules on SourceForge for authentication, or does the SAMBA umbrella provide its own PAM modules for this?
- Does SAMBA access lookups to LDAP through raw LDAP (StartTLS) or LDAPS? Or is Kerberos somehow used to encrypt the traffic?
- I saw notes on what seemed to be SFU3.0. Is AD4Unix supported for sid & gid/uid mapping? (It uses Posix schema, and the O'Reilly LDAP book indicated that posix schema is supported by SFU3.5.)
- Can multi-domain environments be supported?
- Are nested groups supported? I'm interested in using ACLs on Linux and using nested group membership for restricting file access via shares.

Thanks so much in advance. I'm currently experimenting with PADL solutions and NFS, but wanted to move off of that due to lack of caching of LDAP queries (performance issues and reliability issues) and noted that winbindd for at least older NT domains had some caching capabilities.

Joaquin