From owner-freebsd-questions@FreeBSD.ORG Mon Sep 7 07:38:09 2009 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D9CF11065672 for ; Mon, 7 Sep 2009 07:38:09 +0000 (UTC) (envelope-from mail25@bzerk.org) Received: from ei.bzerk.org (tunnel490.ipv6.xs4all.nl [IPv6:2001:888:10:1ea::2]) by mx1.freebsd.org (Postfix) with ESMTP id 45F058FC0C for ; Mon, 7 Sep 2009 07:38:09 +0000 (UTC) Received: from ei.bzerk.org (BOFH@localhost [127.0.0.1]) by ei.bzerk.org (8.14.2/8.14.2) with ESMTP id n877brsF021089; Mon, 7 Sep 2009 09:37:54 +0200 (CEST) (envelope-from mail25@bzerk.org) Received: (from bulk@localhost) by ei.bzerk.org (8.14.2/8.14.2/Submit) id n877bqAG021088; Mon, 7 Sep 2009 09:37:52 +0200 (CEST) (envelope-from mail25@bzerk.org) Date: Mon, 7 Sep 2009 09:37:51 +0200 From: Ruben de Groot To: Olivier Nicole Message-ID: <20090907073751.GA21033@ei.bzerk.org> Mail-Followup-To: Ruben de Groot , Olivier Nicole , ruel.freebsd@gmail.com, Johan@double-l.nl, freebsd@edvax.de, freebsd-questions@freebsd.org References: <20090720105553.a665479b.freebsd@edvax.de> <200907201017.n6KAHBmE003738@banyan.cs.ait.ac.th> <20090720105128.GA88495@ei.bzerk.org> <200909040743.n847h0n4030375@banyan.cs.ait.ac.th> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <200909040743.n847h0n4030375@banyan.cs.ait.ac.th> User-Agent: Mutt/1.4.2.3i X-Spam-Status: No, score=-4.1 required=5.0 tests=ALL_TRUSTED,AWL,BAYES_00, J_CHICKENPOX_66 autolearn=no version=3.2.5 X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on ei.bzerk.org X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.0.1 (ei.bzerk.org [127.0.0.1]); Mon, 07 Sep 2009 09:37:57 +0200 (CEST) X-Mailman-Approved-At: Mon, 07 Sep 2009 14:54:58 +0000 Cc: ruel.freebsd@gmail.com, Johan@double-l.nl, freebsd@edvax.de, mail25@bzerk.org, freebsd-questions@freebsd.org Subject: Re: Samba PDC with LDAP backend X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 07 Sep 2009 07:38:09 -0000 On Fri, Sep 04, 2009 at 02:43:00PM +0700, Olivier Nicole typed: > Hi Ruel, > > > But, I have one question left.. > > How do you join the Windows xp client on the domain? Is there another tweak > > must be done? > > The same way a PC would join any samba domain. > > The PC joining Samba does not know that Samba is using LDAP or > anything else for authentication, so the PC talks to Samba the way it > always does/did. > > (I managed, with some effort, to replace one Samba server > authenticating to Unix /etc/passwd, by a Samba server authenticating > with LDAP, without the XP clients noticing, that is nothing at all to > be done on XP). Yes, I have a script that does precisely this (read master.passwd, smbpasswd and group and create an LDIF to import into LDAP. This is now being used for the migration of 1200 samba servers from backend=smbpasswd to backend=ldapsam. Most important things is preserving the SID's (net getlocalsid) and group mappings (net groupmap list). Windows clients will not notice any difference. Ruben