Re: RFC [Samba/NIS + LDAP]

[Adam Tauno Williams <adam@morrison-ind.com>]

>>I am an OpenLDAP newbie, and have been doing some cursory
>>examination
>>of  what might be possible with unifying authentication for my Linux
>>and  Windows boxes.  I understand Samba can use NIS as a basis of
>>authentication, and than the nss_ldap modules allows NIS lookups to be
>>done against a LDAP directory.  I currently have no windows servers
>>(only a workgroup that I inherented), and am considering using the
>>Samba  2.2.x codebase to implement a PDC/Domain with a LDAP backend
>>that  understands NIS (via the nis schema, from what I gather).  Has
>>anyone  done anything like this?  Any pitfalls?  Howtos?  URLs? :-)
>Careful: NIS authentication and nss_ldap are not related.  'nss' stands
>for 'name service switch,' and is related to system calls like getpwnam(). 
>LDAP can be used as a *replacement* for NIS authentication, but the two
>aren't really related beyond that.
>And with that said, ignoring all NIS stuff, yes, you should be able to
>setup Samba/TNG (I don't think the main branch supports ldap yet) with
>openldap to do authentication, and nss_ldap or pam_ldap (see padl.com - 
>they're not supported here) for system-level authentication and file 
>ownership.

There are patches to add LDAP suppoer to Samba 2.2.1/2.2.1a and LDAP support is
*included* in Samba 2.2.2.  Have ~80 WinY2k and Win9x boxes authenticating of a
Samba 2.2.1a + LDAP server as we speak.  Works great.  Linux boxes authenticate
to the LDAP natively.

Systems and Network Administrator
Morrison Industries
1825 Monroe Ave NW
Grand Rapids, MI. 49505