I recall seeing in the samba docs that setting the account info in samba could optionally also add the entries on the unix side - meaning you only need to set set it once. I'm hazy on the details, perhaps look into alternatives to using LDAP. When I've done this I've always entered them separately.
One unrelated point I'd like to make is performance - I've found really annoying connection delays, particularly with word and excel. Transfer rates are ok, it's opening and saving files that's an issue. Extensive googling and I could make it tolerable at best. As this is for a client, it's proved to be an embarasment. I would dearly love to find I'm doing something wrong, and I expect that I will, but my advice would be to check it out without committing yourself, if that's possible. I did find one article on the net that said that all bsd's suffer performance issues with samba, and the Samba docs do seem to be completely linux-centric. I'll check out the link below. paul On 14/05/2009, at 8:25 PM, BSD nuub wrote:
Dear misc@ readers, I'm planning to set up a OpenBSD 4.5 based server serving a local network with Windows XP based client computers. There's no mention of this in the OpenBSD faq, but I found a nice guide that seems to be pretty recent and up-to-date. http://www.kernel-panic.it/openbsd/pdc/pdc4.html On this page, there's something that bothers me: "Please note that, though Samba account information will be stored in LDAP, smbd(8) will still obtain the user's UNIX account information via the standard C library calls, such as getpwnam() (see documentation); unfortunately, OpenBSD's standard C libraries don't support LDAP, thus forcing us to define Samba users also as local Unix accounts." "This means a little more work for the system administrator, who will need to define users twice, but won't affect the overall system security since Unix users won't need to be able to logon to the system." Now, I'm thinking that this problem maybe can be solved with this: http://openbsd.rutgers.edu/bsdauth/ + http://openports.se/sysutils/login_ldap ? Anyone else already done this in a better/smarter way? Thanks for your time! /bsdnuub