Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 7 Sep 2009 09:37:51 +0200
From:      Ruben de Groot <mail25@bzerk.org>
To:        Olivier Nicole <Olivier.Nicole@cs.ait.ac.th>
Cc:        ruel.freebsd@gmail.com, Johan@double-l.nl, freebsd@edvax.de, mail25@bzerk.org, freebsd-questions@freebsd.org
Subject:   Re: Samba PDC with LDAP backend
Message-ID:  <20090907073751.GA21033@ei.bzerk.org>
In-Reply-To: <200909040743.n847h0n4030375@banyan.cs.ait.ac.th>
References:  <ee9dc2b40907200150q3b27bf75g92ab559b20e3e56@mail.gmail.com> <20090720105553.a665479b.freebsd@edvax.de> <ee9dc2b40907200210v6ff60c84va89149072bcef8a4@mail.gmail.com> <ee9dc2b40907200234v450bc3e9w69b949420b653f29@mail.gmail.com> <200907201017.n6KAHBmE003738@banyan.cs.ait.ac.th> <ee9dc2b40907200321g584566aar2a4d1d8ca18d5f82@mail.gmail.com> <ee9dc2b40907200322m649f36c5kbfc183a34446408a@mail.gmail.com> <20090720105128.GA88495@ei.bzerk.org> <ee9dc2b40909040003v633b89b4pd600b9436e77235e@mail.gmail.com> <200909040743.n847h0n4030375@banyan.cs.ait.ac.th>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Fri, Sep 04, 2009 at 02:43:00PM +0700, Olivier Nicole typed:
> Hi Ruel,
> 
> > But, I have one question left..
> > How do you join the Windows xp client on the domain? Is there another tweak
> > must be done?
> 
> The same way a PC would join any samba domain.
> 
> The PC joining Samba does not know that Samba is using LDAP or
> anything else for authentication, so the PC talks to Samba the way it
> always does/did.
> 
> (I managed, with some effort, to replace one Samba server
> authenticating to Unix /etc/passwd, by a Samba server authenticating
> with LDAP, without the XP clients noticing, that is nothing at all to
> be done on XP).

Yes, I have a script that does precisely this (read master.passwd, smbpasswd
and group and create an LDIF to import into LDAP. This is now being used for
the migration of 1200 samba servers from backend=smbpasswd to backend=ldapsam.

Most important things is preserving the SID's (net getlocalsid) and group mappings
(net groupmap list). Windows clients will not notice any difference.

Ruben

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20090907073751.GA21033>