On Wed, 30 Aug 2006, Craig White wrote:
On Wed, 2006-08-30 at 17:35 -0500, Les Mikesell wrote:
> On Wed, 2006-08-30 at 22:23 +0300, Mike Jackson wrote:
>
>>> There seems to be a lot of install/design documentation regarding FDS,
>>> however I've not been able to find a quick "howto" on setting a
FDS up
>>> for a small company. For example, say a shop with 25-50 linux machines
>>> and 150 or so user accounts.
>
>> Hi,
>> FDS includes the posixAccount, posixGroup, and inetOrgPerson object
>> classes. You don't really need more than this to do simple user
>> authentication for linux and apache, as well as basic personnel info
>> management.
>
> And if you want to also use it as a back end for samba windows domain
> authentication with the same users/passwords?
-----
that's a horse of another color
First you would have to import the samba schema appropriate for the
version of samba you are using.
Then you would have to realize that the samba schema has
objectclasses/attributes that have nothing to do with
posixAccount/posixGroup/inetOrgPerson attributes (well, I do use
posixGroup but that is with sambaGroupMapping attributes.
Then you would want to use a client that allows a single password entry
and encodes it for the userPassword (posixAccount/shadowAccount)
attribute and for the sambaNTPassword and optionally the
sambaLMPassword. Clients for this purpose are listed here...
http://wiki.samba.org/index.php/Samba_%26_LDAP
or of course, you can write your own code to accomplish this
Is it really all that different from using an ldap backend as described in the
Samba HowTo??
Is there any reason the idealx scripts and the standard samba schema will not
work?
Just want to be sure I am not missing something, migrating to FDS is on my list
of things to do.
--
Tom Diehl tdiehl(a)rogueind.com Spamtrap address mtd123(a)rogueind.com