Review your favorite Linux distribution.
Go Back > Forums > Linux Forums > Linux - Server
User Name
Linux - Server This forum is for the discussion of Linux Software used in a server related context.


  Search this Thread
Old 11-12-2008, 11:41 PM   #1
Registered: Jun 2005
Posts: 53

Rep: Reputation: 15
Multiple domains in LDAP and 1 samba server for all domains, what to do?

Are there any LDAP admins who can help me with this?

We are a group of 3 companies, all belonging to the same owner, so we share office space and IT infrastructure. Each company has it's own domain name eg.

We want to centralize logins for shell, email and file server accounts (samba/CIFS) using OpenLDAP

I'm completely new to LDAP and have set up a test LDAP server on 1 machine.

I have created a directory database for each company in the /etc/openldap/slapd.conf

So far this is all in the design phase so nothing has really been populated yet.

There are two problems I see in the future:


We want one samba server handling the file server and the logins handled by ldap.

In the samba.conf I would have

ldap admin dn = "cn=smbadmin,ou=people,dc=red,dc=com"

This will allow me to add users to the samba system and authenticate them via LDAP but probably only for the domain
Question is how can I allow the ldap admin DN login to the other domains on LDAP and create or authenticate users there? I'm starting to think that we'll need three samba daemons or servers.


The second problem, how can users from one domain authenticate and search the directory of another domain? I'm flirting with the idea that I should just create one fake domain name and have everyone in that, but I'm sure that's going to cause problems in the future.
Old 11-14-2008, 09:12 AM   #2
Senior Member
Registered: Oct 2007
Location: Brighton, UK
Distribution: Ubuntu Hardy, Ubuntu Jaunty, Eeebuntu, Debian, SME-Server
Posts: 1,213
Blog Entries: 1

Rep: Reputation: 87
Why not have one 'fake' domain name, and then create users in groups within subdomains within one LDAP db? This really shouldn't pose a problem, since you can configure individual machines to only allow a subset of users.

It does take a lot of work, but I would bet that one database in LDAP is alot easier to implement than three, and it is easily replicated onto other servers if that is required.

Last edited by irishbitte; 11-14-2008 at 09:13 AM.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Sub Domains & Multiple Domains (Apache) lugos Linux - Server 1 09-01-2006 10:22 PM
Can I use a single Samba server for multiple domains? help321 Linux - Software 0 08-11-2004 05:20 AM
Securing Multiple Domains on 1 Server jgillin Linux - Security 1 05-10-2004 06:44 AM
Multiple domains under samba bruceg Linux - Networking 1 11-12-2003 01:16 PM
multiple pop domains one 1 server dafi Linux - Networking 0 08-11-2001 05:57 AM > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 12:23 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration