Justin Pearce
2005-Dec-27 01:43 UTC
[Samba] SAMBA PDC for Windows and Mac clients questions
Greetings, In the interest of better compatibility for file stores and authentication, we are trying to implement a Linux machine as a primary domain controller using SAMBA and LDAP. The goal is to have both Windows XP computers and Mac OS X computers able to authenticate against the PDC, thereby allowing access to appropriate file stores on the network. While it is easy to have the Windows machines authenticate against the server without LDAP, I seem to be unable to use the server as an authentication source for the Mac OS X machines unless I try to use LDAP. The problem I seem to have is that I can only get Windows to work with the server or OS X to work with the server, but not both. Unfortunately, I am rather new to this area and I cannot seem to find any good documentation or examples thus far. Has anyone tried this or have some experience in this area and could provide some suggestions or references to implementation? Justin
Matthew Easton
2005-Dec-27 08:37 UTC
[Samba] SAMBA PDC for Windows and Mac clients questions
On Dec 26, 2005, at 5:43 PM, Justin Pearce wrote:> > In the interest of better compatibility for file stores and > authentication, we are trying to implement a Linux machine as a > primary > domain controller using SAMBA and LDAP. The goal is to have both > Windows > XP computers and Mac OS X computers able to authenticate against the > PDC, thereby allowing access to appropriate file stores on the > network. >On the Mac clients, take a look at "Directory Access" in the "Utilities" subdirectory of the "Applications" directory -- if you haven't already. There seems to be an option to configure Samba/CIFS authentication. Check it, select it, and choose "configure" to set the workgroup and wins server.> While it is easy to have the Windows machines authenticate against the > server without LDAP, I seem to be unable to use the server as an > authentication source for the Mac OS X machines unless I try to use > LDAP. >Apple's Xserve uses OpenLDAP for authentication, so if you get it right, the Macs will behave pretty much like they would in a native Mac environment. Note that a Mac user can authenticate against an LDAP server to mount his home directory through NFS, and then mount file shares using SAMBA or NFS or Appletalk, and that could be a second authentication to the same or to a different server.> The problem I seem to have is that I can only get Windows to work with > the server or OS X to work with the server, but not both. > Unfortunately, > I am rather new to this area and I cannot seem to find any good > documentation or examples thus far. Has anyone tried this or have some > experience in this area and could provide some suggestions or > references > to implementation?But here are some folks who have apparently done just what you are trying. http://www.cs.dixie.edu/ldap/server/
Justin Pearce
2005-Dec-28 01:15 UTC
[Samba] SAMBA PDC for Windows and Mac clients questions
Hey Matthew, Thanks for the link. Reading their implementation gave me better insight into how it should all fit together and work. I was able to get out test boxes to talk happily to one another. Justin -----Original Message----- From: Matthew Easton [mailto:v-vi@trugschluss.org] Sent: Tuesday, December 27, 2005 2:45 AM To: Justin Pearce Cc: samba@lists.samba.org Subject: Re: [Samba] SAMBA PDC for Windows and Mac clients questions On Dec 26, 2005, at 5:43 PM, Justin Pearce wrote:> > In the interest of better compatibility for file stores and > authentication, we are trying to implement a Linux machine as a > primary > domain controller using SAMBA and LDAP. The goal is to have both > Windows > XP computers and Mac OS X computers able to authenticate against the > PDC, thereby allowing access to appropriate file stores on the > network. >On the Mac clients, take a look at "Directory Access" in the "Utilities" subdirectory of the "Applications" directory -- if you haven't already. There seems to be an option to configure Samba/CIFS authentication. Check it, select it, and choose "configure" to set the workgroup and wins server.> While it is easy to have the Windows machines authenticate against the > server without LDAP, I seem to be unable to use the server as an > authentication source for the Mac OS X machines unless I try to use > LDAP. >Apple's Xserve uses OpenLDAP for authentication, so if you get it right, the Macs will behave pretty much like they would in a native Mac environment. Note that a Mac user can authenticate against an LDAP server to mount his home directory through NFS, and then mount file shares using SAMBA or NFS or Appletalk, and that could be a second authentication to the same or to a different server.> The problem I seem to have is that I can only get Windows to work with > the server or OS X to work with the server, but not both. > Unfortunately, > I am rather new to this area and I cannot seem to find any good > documentation or examples thus far. Has anyone tried this or have some > experience in this area and could provide some suggestions or > references > to implementation?But here are some folks who have apparently done just what you are trying. http://www.cs.dixie.edu/ldap/server/