Hello everone, In my Company we are going through a network redesign and Planning to retire our Novel edirectory, and Novel Servers and replace them with Samba4 (Over 150 Servers). We have setup a Samba4 test environment which seems to be working well so far. We are an organization with multiple locations and over 1200 users, we are also very heavy users of google apps. I have couple of questions that I need help with. 1- Is it possible to Integrate samba4 with Google Apps for Single sign-on, I know google has and application that Integrates Microsoft Active Directory with Google Apps, so I assume it should be possible with Samba4 too. Has anyone tried and used this feature with success? 2- We already have over 1200 accounts on Google. Is there a way to Import these user accounts into samba4? I would really appreciate any help in this matter and welcome any additional suggestions that you may have for a Project of this magnitude. -- *Varouj (V.J.) Avanessians | Sr. Linux Sys Administrator | ACCO Engineered Systems* 6265 San Fernando Rd | Glendale, California | 91201- 2214 (818)-730-5846 Mobile | (818)-244-6571 Main* *
On Wed, 2013-01-16 at 13:59 -0800, Varoujan Avanessians wrote:> Hello everone, > > In my Company we are going through a network redesign and Planning to > retire our Novel edirectory, and Novel Servers and replace them with Samba4 > (Over 150 Servers). We have setup a Samba4 test environment which seems to > be working well so far. We are an organization with multiple locations and > over 1200 users, we are also very heavy users of google apps. I have couple > of questions that I need help with. > > 1- Is it possible to Integrate samba4 with Google Apps for Single sign-on, > I know google has and application that Integrates Microsoft Active > Directory with Google Apps, so I assume it should be possible with Samba4 > too. Has anyone tried and used this feature with success?I think that outputting the password sync would be a custom development task at this point. It will be a very useful feature for others too.> 2- We already have over 1200 accounts on Google. Is there a way to Import > these user accounts into samba4?The hard part will be getting the plaintext passwords. Otherwise, it is mostly a matter of just getting the data into AD-like LDIF files, and adding them. You might be able to instead upgrade your Novell domain into Samba 4.0's AD DC, if it currently backs a Samba 3.x 'classic' domain (or can be made to), or otherwise you should be able to get the plaintext pw from the Novell server with some work.> I would really appreciate any help in this matter and welcome any > additional suggestions that you may have for a Project of this magnitude.This certainly needs a lot of care. What you are proposing would be one of our larger deployments in terms of numbers of users, and is very large in terms of number of servers (almost certainly the largest, if you really want 150 DCs), and will be stretching our replication capabilities. I'll help you however I can, but you may wish to engage some professional support as well. I do wish you all the best. It is great to see folks taking Samba 4.0 as an AD DC to new and exciting places! Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org
2013/1/16 Varoujan Avanessians <vavanessians at accoes.com>> Hello everone, > > In my Company we are going through a network redesign and Planning to > retire our Novel edirectory, and Novel Servers and replace them with Samba4 > (Over 150 Servers). We have setup a Samba4 test environment which seems to > be working well so far. We are an organization with multiple locations and > over 1200 users, we are also very heavy users of google apps. I have couple > of questions that I need help with. > > 1- Is it possible to Integrate samba4 with Google Apps for Single sign-on, > I know google has and application that Integrates Microsoft Active > Directory with Google Apps, so I assume it should be possible with Samba4 > too. Has anyone tried and used this feature with success? > > 2- We already have over 1200 accounts on Google. Is there a way to Import > these user accounts into samba4? > > I would really appreciate any help in this matter and welcome any > additional suggestions that you may have for a Project of this magnitude. > > -- > *Varouj (V.J.) Avanessians | Sr. Linux Sys Administrator | ACCO Engineered > Systems* > 6265 San Fernando Rd | Glendale, California | 91201- 2214 > (818)-730-5846 Mobile | (818)-244-6571 Main* > * > >Well, having and LDAP directory as your Samba backend could help. GApps has an LDAP sync tool, the only downside is that it needs the password to be hashed with SHA1 or MD5 without salt (less secure). Regards, -- Ciro Iriarte http://cyruspy.wordpress.com --