I’m in need of implementing a Samba server on openSUSE. Unfortunately it’s the first time I ever try studying about Samba -and on my own-, and though I’ve already searched and read a lot around the web, I think I’m still in need for some advise.
Specifically, I need the server to do 2 things:
a) authenticate users of Windows workstations, so that all actual users are stored in the server and workstations just log in through network.
b) store each user’s data like personal documents, mail accounts, user’s session profile, etc. Users would access all of this through network as well.
For point a) I think this would be the right place to begin with.
Point b) seems kind of discouraging due to what the Introduction section in the above link says about file servers, advising for this instead.
Furthermore, I still don’t know how to create users and how to configure the Windows clients, about which I couldn’t find much information (according to myself…) since much of it is about Samba 3.
In general, could you help me with all of this, either with some advise or some documentation?
If possible, how could I set the whole Samba AD DC either for authenticating and file storing? Or should I better do separate AD member server?
Hi
For a) I think you will find openLDAP will do what you need, for example https://erikberg.com/notes/auth.html that’s an old article so would have to assume it’s improved…
For b) The storing of data via cifs/smb shouldn’t be an issue either, just needs setting up (probably need to run a login script on the windows clients to attach the remote mounts). Again is this a lot of users or just a few?
What hardware are you running on, might be easier to build a VM on say SUSE Studio and run that as a test setup eg build one to to test LDAP, one to test the storage. Then have a windows vm. During development you can snapshot then to roll back any system if something doesn’t work…
When I was first told about the whole task the first thing I thought was “the way most likely should be openLDAP + Samba”. But again, I originally know absolutely nothing about all of this. I barely managed to half way digest all what I read and I’m totally on my own -no one can help me here where I am-. That’s why I thought I already needed help.
Among what I read in other boards, it was said recently the most direct way was solely Samba, since 4.0 onwards now has active directory domain controller functions, with its own implementations of LDAP and Kerberos. This is why I started the thread with Samba questions.
The number of users here in the place is less than 10, so I think they’re few. I don’t know about the server’s hardware, but it’s a circa 10-year-old HP Proliant.
A correction of last minute: there may be indeed some Linux clients, besides the Windows ones.
No, nothing to do with a mail server. I just meant each user to have read/write access to their documents in the server through the network. Documents such as miscelaneos “personal” ones, Outlook/Thunderbird mail data such as mail accounts and their mails themselves -this is what I wanted to mean-, etc. Though each user’s Windows session customizations like wallpaper and other small settings I don’t know if it’s even possible to store…
Also I was told pGina could be risky since it modified some Windows’ Active Directory needed defaults… ???
On Sun 20 Sep 2015 08:16:01 PM CDT, F style wrote:
A correction of last minute: there may be indeed some Linux clients,
besides the Windows ones.
No, nothing to do with a mail server. I just meant each user to have
read/write access to their documents in the server through the network.
Documents such as miscelaneos “personal” ones, Outlook/Thunderbird mail
data such as mail accounts and their mails themselves -this is what I
wanted to mean-, etc. Though each user’s Windows session customizations
like wallpaper and other small settings I don’t know if it’s even
possible to store…
Also I was told pGina could be risky since it modified some Windows’
Active Directory needed defaults… ???
Thanks again.
Hi
I don’t think storing info will be an issue, I would imagine fun on the
windows side to make sure it’s all connected to the share during login
and adding the network share, again it would be some sort of login
script run after authentication.
Did you try the VM?
–
Cheers Malcolm °¿° LFCS, SUSE Knowledge Partner (Linux Counter #276890)
SUSE Linux Enterprise Desktop 12 | GNOME 3.10.1 | 3.12.44-52.10-default
If you find this post helpful and are logged into the web interface,
please show your appreciation and click on the star below… Thanks!