samba - Apr 2014 - Ideas how to use Samba 4 AD and still offer standard LDAP authentication?

Hi,

I have a working Samba 4 AD which is used by Windows clients. I also 
have an LDAP server for use with Linux servers and web applications.

What I really need is the Samba 4 AD to be the single maintained 
authentication database while providing an LDAP compatible server for 
web applications (and preferably Linux). I've looked at extending the 
Samba 4 schema, but that doesn't seem very easy (or even possible to 
maintain?).

Any ideas on how to do this? I don?t mind running an extra LDAP server 
as long as I have a way to sync the user accounts and groups from the 
Samba AD.

Help would be greatly appreciated.

As a side note, it would be awesome if Samba would provide a builtin 
parameter to add and maintain posix attributes in the schema that would 
have the values derived from their AD counter parts.

Regards,

Kurt

On 16/04/14 21:26, kurt at a-netti.com wrote:
> Hi,
>
> I have a working Samba 4 AD which is used by Windows clients. I also
> have an LDAP server for use with Linux servers and web applications.
>
> What I really need is the Samba 4 AD to be the single maintained
> authentication database while providing an LDAP compatible server for
> web applications (and preferably Linux). I've looked at extending the
> Samba 4 schema, but that doesn't seem very easy (or even possible to
> maintain?).
>
> Any ideas on how to do this? I don?t mind running an extra LDAP server
> as long as I have a way to sync the user accounts and groups from the
> Samba AD.
>
Microsoft AD and hence Samba AD are in essence LDAP servers, abait with 
a particular schema  and you can for the most part interface with them 
just as if they where. Certainly as far as any web applications a Samba 
AD server can be treated like a LDAP server.

What in particular makes you think that this is not the case?


JAB.

-- 
Jonathan A. Buzzard                 Email: jonathan (at) buzzard.me.uk
Fife, United Kingdom.