LinuxQuestions.org
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Old 11-13-2008, 12:41 AM   #1
xnomad
Member
 
Registered: Jun 2005
Posts: 53

Rep: Reputation: 15
Multiple domains in LDAP and 1 samba server for all domains, what to do?


Are there any LDAP admins who can help me with this?

We are a group of 3 companies, all belonging to the same owner, so we share office space and IT infrastructure. Each company has its own domain name, e.g.

red.com
blue.com.au
green.com.au

We want to centralize logins for shell, email and file server accounts (samba/CIFS) using OpenLDAP.

I'm completely new to LDAP and have set up a test LDAP server on 1 machine.

I have created a directory database for each company in the /etc/openldap/slapd.conf

So far this is all in the design phase so nothing has really been populated yet.

There are two problems I see in the future:

1.

We want one samba server handling the file server and the logins handled by ldap.

In the samba.conf I would have

ldap admin dn = "cn=smbadmin,ou=people,dc=red,dc=com"

This will allow me to add users to the samba system and authenticate them via LDAP but probably only for the domain red.com.
Question is how can I allow the ldap admin DN login to the other domains on LDAP and create or authenticate users there? I'm starting to think that we'll need three samba daemons or servers.


2.

The second problem, how can users from one domain authenticate and search the directory of another domain? I'm flirting with the idea that I should just create one fake domain name and have everyone in that, but I'm sure that's going to cause problems in the future.
 
Old 11-14-2008, 10:12 AM   #2
irishbitte
Senior Member
 
Registered: Oct 2007
Location: Brighton, UK
Distribution: Ubuntu Hardy, Ubuntu Jaunty, Eeebuntu, Debian, SME-Server
Posts: 1,213
Blog Entries: 1

Rep: Reputation: 82
Why not have one 'fake' domain name, and then create users in groups within subdomains within one LDAP db? This really shouldn't pose a problem, since you can configure individual machines to only allow a subset of users.

It does take a lot of work, but I would bet that one database in LDAP is a lot easier to implement than three, and it is easily replicated onto other servers if that is required.

Last edited by irishbitte; 11-14-2008 at 10:13 AM.
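
The single-database layout suggested in the reply above, sketched as an added example that is not part of either post: one suffix with a sub-OU per company, so one Samba server and one bind DN cover all users. The suffix dc=group,dc=example, the user alice, the uid/gid numbers and the LDAP host are constructed placeholders.

```ldif
# Constructed example: one suffix for the whole group (placeholder name).
dn: dc=group,dc=example
objectClass: top
objectClass: dcObject
objectClass: organization
dc: group
o: Company group

# All accounts live under one container, split by company below it.
dn: ou=people,dc=group,dc=example
objectClass: organizationalUnit
ou: people

dn: ou=red,ou=people,dc=group,dc=example
objectClass: organizationalUnit
ou: red

dn: ou=blue,ou=people,dc=group,dc=example
objectClass: organizationalUnit
ou: blue

dn: ou=green,ou=people,dc=group,dc=example
objectClass: organizationalUnit
ou: green

# Bind account for Samba; generate the hash with slappasswd.
dn: cn=smbadmin,ou=people,dc=group,dc=example
objectClass: organizationalRole
objectClass: simpleSecurityObject
cn: smbadmin
userPassword: {SSHA}REPLACE_WITH_SLAPPASSWD_OUTPUT

# Sample user; the company's real mail domain is kept in the mail attribute.
dn: uid=alice,ou=blue,ou=people,dc=group,dc=example
objectClass: inetOrgPerson
objectClass: posixAccount
cn: Alice Example
sn: Example
uid: alice
mail: alice@blue.com.au
uidNumber: 10001
gidNumber: 10001
homeDirectory: /home/alice

# Matching smb.conf [global] settings (LDAP host is an assumption):
#   passdb backend   = ldapsam:ldap://localhost
#   ldap suffix      = dc=group,dc=example
#   ldap user suffix = ou=people
#   ldap admin dn    = cn=smbadmin,ou=people,dc=group,dc=example
```

With this layout all three companies share one uid namespace, so login names must be unique across the group, and slapd access rules should give cn=smbadmin write access only to the entries Samba has to manage.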
 
  


All times are GMT -5.