LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Enterprise Linux Forums > Linux - Enterprise
User Name
Password
Linux - Enterprise This forum is for all items relating to using Linux in the Enterprise.

Notices

Reply
 
Search this Thread
Old 04-10-2008, 06:17 AM   #1
royolsen
LQ Newbie
 
Registered: Apr 2008
Location: Norway
Distribution: Red Hat Enterprise Linux
Posts: 6

Rep: Reputation: 0
Samba - password integration or synchronization


In my environment UNIX/Linux users, groups and passwords are contained in an Open LDAP server which distributes the information to NIS.

Samba is used to provide users a way to access their UNIX/Linux files from Windows clients.

Today the samba users are managed seperately, using the password file backend, which is a bit unconvenient. The linux techs need to manually create samba users on request, and users need to manage their samba password seperately from their global UNIX/Linux password.

In other words, I'm looking for some way to either integrate samba authentication into the existing infrastructure, meaning either LDAP or NIS. Or, create a functional way for samba passwords to be updated along with the UNIX/Linux password.

I know samba is capable of updating passwords when they are changed through CIFS, but in this case the users manage their password from the Linux side while Samba is only an auxiliary service.

To support the exisiting LDAP/NIS solution, the passwd command have been replaced by a script that commits password changes directly to LDAP.

One thinkable solution might be to use the ldap backend for samba, and modify the passwd script to also update a samba password that is stored in LDAP. Though, I'm not sure this is the way to go.

Is there anyone here who have implemented a working solution for this kind of environment? Or even if you haven't - any ideas you might have on the subject is very welcome.
 
Old 04-11-2008, 05:02 PM   #2
cjcox
Member
 
Registered: Jun 2004
Posts: 305

Rep: Reputation: 42
See if this:
http://www.ntlug.org/Articles/SSO

help or not. I specialize in doing things similar to what you are wanting to do. And while I've also done implementations straight to AD, I find that there are ALWAYS problems in doing that. The authentication/replication technique is better IMHO (and works across many, many more platforms).
 
Old 04-11-2008, 05:49 PM   #3
jschiwal
Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 654Reputation: 654Reputation: 654Reputation: 654Reputation: 654Reputation: 654
The samba-doc package includes the book "Samba 3 by Example" which includes an example using an LDAP & LDAP backup server. The details are rather involved, using (perl or python) ldap scripts in smb.conf to add users, hosts or change passwords and integrating this with PAM (which also needs to be configured). You are configuring more than Samba, but also things like login authentication (PAM-LDAP) and host lookup (/etc/nsswitch & maybe /etc/host.conf). You would be better off if Red Hat has a wizard to set this up. I know that SuSE does, I'm sure Red Hat must. Also look through the Using Samba html book (part of the samba package) and Samba 3 HOWTO & Reference (part of samba-doc). There may be a samba-ldap package that contains the scripts I mentioned.

The samba documentation says that there solution should just be considered a boilerplate and that you should be familiar enough with ldap to adapt their solution. Especially the ldap configuration part which in your case is probably done.
 
  


Reply

Tags
enterprise, ldap, nis, samba


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Password Synchronization for LINUX servers bhandu Linux - General 1 06-07-2007 08:47 PM
Password Synchronization for clustered architecture bhandu Linux - General 2 06-06-2007 09:11 PM
windows to linux password synchronization freesco Linux - Software 4 05-20-2006 08:34 AM
samba and nis password synchronization? preetam Linux - Networking 1 02-10-2004 07:05 PM
SAMBA UNIX password synchronization sewer_monkey Linux - Networking 2 10-30-2002 11:38 AM


All times are GMT -5. The time now is 11:13 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration