Hi Samba List, I am developing software which should interop with AD/LDAP, I am looking at using the Samba DC and loading it with some example user accounts. "Interop with AD" means use and AD backend for authentication, retrieval of basic user record and membership info. Simple enough/ In the past, I've implemented similar functionality using OpenLDAP as the reference backend (ie, I wrote much of https://docs.moodle.org/33/en/LDAP_authentication ) . Are there any guides on how to install and configure Samba's DC _standalone_? Any hints or guidance for me? Does Samba's DC component support this mode of operation? For further info, we are developing and testing on a Linux which carries Samba 4.6.x. Also, I'm an old linux hand, and there's a chance you're using software I contributed to :-) thank you! martin (please CC me as I've subscribed 'no-mail') -- martin.langhoff at gmail.com - ask interesting questions ~ http://linkedin.com/in/martinlanghoff - don't be distracted ~ http://github.com/martin-langhoff by shiny stuff
Hi Martin, The best documentation is in the samba in the wiki. http://wiki.samba.org And if you want a "sort of" copy/past howto (debian based). Then go here. https://github.com/thctlo/samba4/tree/master/howtos AD and Member howto. A "standalone" install in debian is just apt-get install samba That gets you a samba 4.5.12 version. ( debian stretch ) If you want simple and more version options to test with. http://apt.van-belle.nl/ I have 4.5.15 4.6.11 4.7.3 build in my apt. Run : samba-tool user And see the options for creating new users. Hope this helps you a bit. Greetz, Louis> -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens > Martin Langhoff via samba > Verzonden: dinsdag 19 december 2017 16:41 > Aan: samba at lists.samba.org > Onderwerp: [Samba] Minimal AD DC server for dev/test setup > > Hi Samba List, > > I am developing software which should interop with AD/LDAP, I am > looking at using the Samba DC and loading it with some example user > accounts. > > "Interop with AD" means use and AD backend for authentication, > retrieval of basic user record and membership info. Simple enough/ > > In the past, I've implemented similar functionality using OpenLDAP as > the reference backend (ie, I wrote much of > https://docs.moodle.org/33/en/LDAP_authentication ) . > > Are there any guides on how to install and configure Samba's DC > _standalone_? Any hints or guidance for me? Does Samba's DC component > support this mode of operation? > > For further info, we are developing and testing on a Linux which > carries Samba 4.6.x. Also, I'm an old linux hand, and there's a chance > you're using software I contributed to :-) > > thank you! > > > > martin > (please CC me as I've subscribed 'no-mail') > -- > martin.langhoff at gmail.com > - ask interesting questions ~ http://linkedin.com/in/martinlanghoff > - don't be distracted ~ http://github.com/martin-langhoff > by shiny stuff > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > >
Thank you Louis! I had https://wiki.samba.org/index.php/Setting_up_Samba_as_an_Active_Directory_Domain_Controller in my bag of tricks, now from your link I found https://github.com/thctlo/samba4/blob/master/howtos/stretch-base-2.0-samba-minimal-ad.txt which looks good. Our Linux platform is CentOS at this time (but I've been a DD and long time debianista). I'll go through both. How do you create, query user/group records? I'm used to ldapadd, ldapsearch, etc. thank you, martin On Tue, Dec 19, 2017 at 10:41 AM, Martin Langhoff <martin.langhoff at gmail.com> wrote:> Hi Samba List, > > I am developing software which should interop with AD/LDAP, I am > looking at using the Samba DC and loading it with some example user > accounts. > > "Interop with AD" means use and AD backend for authentication, > retrieval of basic user record and membership info. Simple enough/ > > In the past, I've implemented similar functionality using OpenLDAP as > the reference backend (ie, I wrote much of > https://docs.moodle.org/33/en/LDAP_authentication ) . > > Are there any guides on how to install and configure Samba's DC > _standalone_? Any hints or guidance for me? Does Samba's DC component > support this mode of operation? > > For further info, we are developing and testing on a Linux which > carries Samba 4.6.x. Also, I'm an old linux hand, and there's a chance > you're using software I contributed to :-) > > thank you! > > > > martin > (please CC me as I've subscribed 'no-mail') > -- > martin.langhoff at gmail.com > - ask interesting questions ~ http://linkedin.com/in/martinlanghoff > - don't be distracted ~ http://github.com/martin-langhoff > by shiny stuff >-- martin.langhoff at gmail.com - ask interesting questions ~ http://linkedin.com/in/martinlanghoff - don't be distracted ~ http://github.com/martin-langhoff by shiny stuff
About the last question, I'll be reading up on samba-tool. Apologies. A better question is: can I run the DC without an attached DNS server? How little can I get away with running? In my imagination, I should be able to run just the LDAP+Kerberos parts, AIUI that's all I need, skipping DNS, fileserving, winbind, etc; blame this on my view of AD as a quirky LDAP. Again, scoped for my use cases, which are essentially LDAP-connection-and-lookup against the AD-flavored LDAP that AD contains. thank you, m On Tue, Dec 19, 2017 at 11:01 AM, Martin Langhoff <martin.langhoff at gmail.com> wrote:> Thank you Louis! > > I had https://wiki.samba.org/index.php/Setting_up_Samba_as_an_ > Active_Directory_Domain_Controller in my bag of tricks, now from your > link I found https://github.com/thctlo/samba4/blob/master/ > howtos/stretch-base-2.0-samba-minimal-ad.txt which looks good. > > Our Linux platform is CentOS at this time (but I've been a DD and long > time debianista). I'll go through both. > > How do you create, query user/group records? I'm used to ldapadd, > ldapsearch, etc. > > thank you, > > > > martin > > On Tue, Dec 19, 2017 at 10:41 AM, Martin Langhoff < > martin.langhoff at gmail.com> wrote: > >> Hi Samba List, >> >> I am developing software which should interop with AD/LDAP, I am >> looking at using the Samba DC and loading it with some example user >> accounts. >> >> "Interop with AD" means use and AD backend for authentication, >> retrieval of basic user record and membership info. Simple enough/ >> >> In the past, I've implemented similar functionality using OpenLDAP as >> the reference backend (ie, I wrote much of >> https://docs.moodle.org/33/en/LDAP_authentication ) . >> >> Are there any guides on how to install and configure Samba's DC >> _standalone_? Any hints or guidance for me? Does Samba's DC component >> support this mode of operation? >> >> For further info, we are developing and testing on a Linux which >> carries Samba 4.6.x. Also, I'm an old linux hand, and there's a chance >> you're using software I contributed to :-) >> >> thank you! >> >> >> >> martin >> (please CC me as I've subscribed 'no-mail') >> -- >> martin.langhoff at gmail.com >> - ask interesting questions ~ http://linkedin.com/in/martinlanghoff >> - don't be distracted ~ http://github.com/martin-langhoff >> by shiny stuff >> > > > > -- > martin.langhoff at gmail.com > - ask interesting questions ~ http://linkedin.com/in/martinlanghoff > - don't be distracted ~ http://github.com/martin-langhoff > by shiny stuff >-- martin.langhoff at gmail.com - ask interesting questions ~ http://linkedin.com/in/martinlanghoff - don't be distracted ~ http://github.com/martin-langhoff by shiny stuff