Tomasz:
I had heard that some people were interested in caching passwords (which
could be stored in NIS, or LDAP) on linux laptops so that a user could
log in even when disconnected from their LDAP or NIS domain.
The theory was that the nss (name service switch) and nscd (name service
cache daemon) system(s) could be tuned/modified to cache this information.
As far as I know, this has not been done/tested for use w/ samba the way
you describe.
See section: 2.1.4 The Name Service Caching Daemon
http://www.saas.nsw.edu.au/solutions/ldap-auth-pam.html
-Bill
Tomasz Chmielewski wrote:
I've been using Samba with OpenLDAP with great success on normal servers.
Recently however, it appeared to us that for remote locations it is
more economically viable to replace Samba servers with Samba running
on little routers like ASUS WL-500g with openwrt firmware/software.
It has a broadcom/mipsel CPU, and thanks to openwrt
(http://openwrt.org), it is possible to run lots of software on it.
Pretty nice for small offices - small, no fan, no hard disk etc. other
moving parts (you can connect a USB stick to it if you want to store
files/profiles).
There is one glitch however - no OpenLDAP port.
So a Samba domain controller running on these tiny routers would have
to authenticate users users against an external OpenLDAP server
(probably in the company headquaters).
My experience shows that a company with several branches located
throughout the city/country/world have connectivity problems from time
to time (especiall when there is no IT staff in the branches).
With no local LDAP server this would mean users not able to work (as
they can't authenticate).
Is it possible to set up Samba to "cache" credentials retrieved from
the LDAP, and when LDAP is unavailable, to use these cached credentials?
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
