Re: OpenBSD server with samba and openldap

Thu, 14 May 2009 15:50:12 -0700 

I recall seeing in the samba docs that setting the account info in
samba could optionally also add the entries on the unix side - meaning
you only need to set set it once. I'm hazy on the details, perhaps look
into alternatives to using LDAP. When I've done this I've always
entered them separately.

One unrelated point I'd like to make is performance - I've found
really annoying connection delays, particularly with word and excel.
Transfer rates are ok, it's opening and saving files that's an
issue.
Extensive googling and I could make it tolerable at best. As this is
for a client, it's proved to be an embarasment. I would dearly love to
find I'm doing something wrong, and I expect that I will, but my
advice would be to check it out without committing yourself, if
that's possible.
I did find one article on the net that said that all bsd's suffer
performance issues with samba, and the Samba docs do seem to be
completely linux-centric.
I'll check out the link below.


paul


On 14/05/2009, at 8:25 PM, BSD nuub wrote:


Dear misc@ readers,
I'm planning to set up a OpenBSD 4.5 based server serving a local
network with Windows XP based client computers.
There's no mention of this in the OpenBSD faq, but I found a nice
guide that seems to be pretty recent and up-to-date.

http://www.kernel-panic.it/openbsd/pdc/pdc4.html
On this page, there's something that bothers me:

"Please note that, though Samba account information will be stored in
LDAP, smbd(8) will still obtain the user's UNIX account information
via the standard C library calls, such as getpwnam() (see
documentation); unfortunately, OpenBSD's standard C libraries don't
support LDAP, thus forcing us to define Samba users also as local Unix
accounts."

"This means a little more work for the system administrator, who will
need to define users twice, but won't affect the overall system
security since Unix users won't need to be able to logon to the
system."


Now, I'm thinking that this problem maybe can be solved with this:
http://openbsd.rutgers.edu/bsdauth/
+
http://openports.se/sysutils/login_ldap
?

Anyone else already done this in a better/smarter way?

Thanks for your time!
/bsdnuub

Reply via email to