I have been reading for about two weeks (maybe I'm reading on the wrong places). I have found as many documents as one could expect describind how to build a LDAPv3 server, or how to build samba with ldap. This far, I have failed, and have a BIG confution in the order in wich the things should go:
In one document, they recommend this:
samba -> ldap -> sasl -> kerberos (so, the passwords gets stored in the kerberos database, at least that's what they says, but..... does the samba schema do this in fact? does the samba passwords will be kept in the kerberos database?, or it just store the passwords in the ldap's database).
In other (simplier):
samba -> ldap
and:
kerberos -> ldap (thus, storing the kerberos passwords in the ldap (duh...)).
All that I'm trying to do is to get a PDC with a directory service, but I need it to be secure (that's why I'm bothering with kerberos). Anyway, I would like to know: in wich order should I build the thing?:
Build orders:
1. kerberos, next sasl, next ldap, next samba (configured for samba -> ldap -> sasl -> kerberos).
2. ldap, next samba (just samba -> ldap, without kerberos password storing).
Also, If I use the option 1, should the windows clients use a kerberos client?, or they just login as usual. Has anybody tested something like this?
My system:
Hardware: + Athlon XP 1500+, 512Mb RAM (133).
Software:
+ Slackware 9.1 (with kernel 2.6.5), and most recent upgrades of all packages.
+ OpenLDAP 2.2.8
+ kerberos: MIT kerberos 1.3.2 (read somewhere that it has thread issues, I'm thinking to move to heimdal, any sujestions?), heimdal 0.6.1.
+ samba 3.0.2a
+ cyrus sasl 2.1.18
+ berkley db 4.2.52
+ open ssl 0.9.7d.
Thanks in advance for your help,
Sincerely,
Ildefonso Camargo [EMAIL PROTECTED]
-- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
