SMB shares and LDAP
On May 21, 2012, at 11:25 PM, Gordon Messmer wrote:
> On 05/21/2012 03:17 PM, aurfalien wrote:
>> Is there some kind of passwd backend option in my smb.conf that allows it to query my OpenLDAP server?
> Presumably, you're trying to avoid a proper setup:
> http://wiki.samba.org/index.php/Replicated_Failover_Domain_Controller_and_file_ser ver_using_LDAP
> If you already have LDAP authentication and NSS set up, and you don't
> want to add Samba related attributes to your directory, you'd need to
> disable "encrypt passwords" in smb.conf and modify the Windows registry
> so that it sends your passwords in plain text:
> Needless to say, the security of this configuration is awful, but not
> worse than if you're using OpenLDAP without SSL.
What should my passdb backend be set to?
Yes, you are correct, I'd rather dispense with having my ldap db be populated with Samba attributes.
I've setup Samba + LDAP before, just unsure how to break the model. I mean the docs are great for doing things proper, just unsure how to do it improper if you know what I mean.
CentOS mailing list