[prev in list] [next in list] [prev in thread] [next in thread]
List: kolab-users
Subject: Re: integration of samba pdc with ldap backend into kolab
From: Jan Kowalsky <jankow () datenkollektiv ! net>
Date: 2016-11-22 22:35:12
Message-ID: 5834C820.8060601 () datenkollektiv ! net
[Download RAW message or body]
Am 21.11.2016 um 19:16 schrieb Geoff Nordli:
> =
> =
> On 2016-11-21 06:34 AM, Carlos R Laguna wrote:
>> El 17/11/16 a las 19:53, Geoff Nordli escribi=F3:
>>>
>>> On 2016-11-17 02:49 PM, Jan Kowalsky wrote:
>>>> Hi all,
>>>>
>>>> since I was not very happy with the available possibilities for a
>>>> simple
>>>> management of a samba pdc (not AD) I thought about to integrate such a
>>>> management feature into kolab / kolab-webadmin. There are of course
>>>> some
>>>> ready made distributions like clearos, ucs or freeipa - but they are
>>>> heavy and do not fit all the time in an existing environment. But the
>>>> main point: they are mostly not integrated into a groupware. I tried
>>>> the
>>>> ldap account manager - but in the open source version it doesn't go
>>>> together with kolab because it doesn't support groupofuniquenames.
>>>>
>>>> So I did the following steps:
>>>>
>>>> * import the samba ldap schema into 389-ds (why isn't it by
>>>> default?)
>>>> * added a kolab user type with all the necessary samba attributes
>>>> * configured the ldap aci for enable self writing of some attributes
>>>> * did some simple changes in kolab webadmin for syncing samba
>>>> passwords and getting samba domain configuration from
>>>> kolab.conf
>>>>
>>>> While I did the provisioning of the samba domain with the samba-ldap
>>>> tools, in the result we can now manage users and groups easily from the
>>>> kolab webadmin.
>>>>
>>>> What do you think? Is it worth to share this in any howto? Do other
>>>> people still use samba pdc? Would it make sense to integrate this in
>>>> the
>>>> kolab-webadmin code?
>>>>
>>>> Best regards
>>>> Jan
>>>> _______________________________________________
>>>> users mailing list
>>>> users@lists.kolab.org
>>>> https://lists.kolab.org/mailman/listinfo/users
>>>
>>> Hi Jan.
>>>
>>> Yes, that would be very helpful. I am just embarking on setting up a
>>> new system with Samba 4 as an Active Directory DC and will also be
>>> deploying Kolab 16.1 when it becomes available.
>>>
>>> thanks,
>>>
>>> Geoff
>>>
>>>
>>> _______________________________________________
>>> users mailing list
>>> users@lists.kolab.org
>>> https://lists.kolab.org/mailman/listinfo/users
>>>
>> Hi Geoff,
>>
>> Last time i check samba4 does not use ldap as backend anymore, how
>> would you plan to use samba4 as kolab primary backend ?
>>
>>
> =
> Hi Carlos.
> =
> It has been a while since I have done samba work. I haven't used Samba4
> yet and I didn't know it shipped with its own internal ldap server.
> =
> Have you tried integrating the two together?
> =
> It seems like I will have to create two silos, or maybe look at using
> the older 3.x version.
Hi Goff,
as Carlos wrote, it's not possible to use an external ldap backend for
samba4 - if you use it as an AD. But if a PDC is sufficiant it works. So
- to avoid misunderstandings - it's samba4 - but not with AD. My
question was indeed related to this point: how people use samba.
Primarily as AD replacement - or still with less functionality as PDC.
If you need AD, there have been some earlier posts on the list with the
suggestion to use sync tools like LSC.
Regard
Jan
_______________________________________________
users mailing list
users@lists.kolab.org
https://lists.kolab.org/mailman/listinfo/users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic