We use AFS/Kerberos/LDAP to provide home directories to our Linux/
Unix/OSX users, our Windows users connect into our Samba domain.
Samba has pretty good AFS support for gatewaying SMB <-> AFS
requests, at a minor weakening of filesystem security. I'm hoping
Samba4 will allow me to use Kerberos all the way through. The
biggest downside to the AFS/Kerberos/LDAP/Samba setup is complexity,
each service is a pain to setup by itself, getting them working
together nearly involved human sacrifice. But the system has been
working for about a year with 99.99% uptime.
A big thanks to all the Samba developers!
Derek
On Nov 10, 2005, at 8:27 AM, mourik jan c heupink wrote:
You have several options. First, there are steps that you can
take to
improve NFS security somewhat, such as restricting it to
particular IP
addresses (although IP addresses can be spoofed). Second, you can
use
NFSv4, which supports proper authentication. Third, you can use an
alternative means of sharing drives to Linux. I've actually been
using SMB to access my Linux server's drives from my Linux client, to
avoid setting up a separate file-sharing service. Several other
options exist - including SSHFS (for more of a quick-and-dirty
approach), AFS, and Coda, but I don't have experience with any of
them.
Thanks very much for the feedback.
since nfs4 is NOT included in sles9 (apparently because it's acl
code is not yet stable..?) I will take look at the two
alternatives you mention.
The feedback was very much appreciated.
Mourik Jan
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba