Solved

OpenIndiana SAMBA LDAP solution

Posted on 2013-05-18
Last Modified: 2013-05-21
I'm looking for some input on the best way to get SAMBA with OpenLDAP backend set up and using an OpenIndiana/Nappit box for all storage. I already have my ZFS pool set up and running fine.

I am running 2 Proxmox nodes with Ubuntu server VMs on them for various processing applications. My end users run Windows, OSX and Ubuntu workstations. They shell in to the VMs to run their apps and generally save the output in their home folders. They also need their home folder mappings on their workstations.

So it looks like I need a SAMBA server for them to have home folders and permissions to work accordingly across all platforms. SMB seems to be the best protocol for accommodating such a heterogeneous environment. And then to have SAMBA use OpenLDAP for authentication. Does this amount to a SAMBA PDC scenario?

I want to have all data land on the ZFS box first and foremost. So it looks like I will end up having all the VMs mounting shares via cifsmount. I really want to avoid NFS altogether because I see permissions getting tangled up. Plus I want LDAP involved on any data access.
Question by:ronfishtamu
LVL 40

Accepted Solution

by:
jlevie earned 2000 total points
ID: 39178669
The process of setting up LDAP/Samba is covered nicely in the Samba docs.

From the description of the environment I think you will be creating/using a Samba PDC. Since LDAP can be used directly for authentication on Linux and OS X and since doing that will mean unique UIDs and uniform GIDs across the domain, NFS file permissions problems will be non-existent, allowing Linux and OS X clients to use NFS, which will be more efficient than CIFS. The Windows clients will of course be using CIFS, but since LDAP will be mapping Windows SIDs to Linux UIDs there won't be permissions issues there.
0
 

Author Comment

by:ronfishtamu
ID: 39178680
Thank you for replying! I have found what seems to be straightforward documentation on setting up the LDAP server and Samba on the Solaris ZFS box itself. Have you seen this done with any issues before?

Thanks again.
0
 
LVL 40

Expert Comment

by:jlevie
ID: 39178735
While I haven't done this on a Solaris box, I have a number of environments that are very similar. Each has a Linux server with OpenLDAP/Samba providing authentication & file storage to a network containing Linux, Windows, & OS X clients. In a few cases there are additional Linux pure file servers to meet the data flow requirements. Once properly set up I've had no issues.
0
 

Author Closing Comment

by:ronfishtamu
ID: 39178928
Great response!
0
 

Author Comment

by:ronfishtamu
ID: 39185948
Haha, spoke too soon. Solaris fell into Oracle's hands, I think they prefer it having a Solaris LDAP server as well.

Gonna throw LDAP and Samba on a VM and shoot the data through iSCSI to the Solaris box. Bottleneck or not I need it done. Maybe I can IOMMU the NIC on the VM.
0
 
LVL 40

Expert Comment

by:jlevie
ID: 39186000
OpenLDAP + smbldap-tools will result in a Linux/Unix/Windows integrated environment. I don't know how that combination will play with the native Solaris LDAP system.
0
 

Author Comment

by:ronfishtamu
ID: 39186016
I just grabbed the OpenLDAP VM and the PDC drop-in VM from Turnkey. Gonna tie them together with the tools and see if I get lucky.

Do you use the phpldapadmin or similar to manage the LDAP users?
0
 
LVL 40

Expert Comment

by:jlevie
ID: 39186043
I mostly manage these networks from the command line, but I do install phpldapadmin and use it occasionally.
0
 

Author Comment

by:ronfishtamu
ID: 39186054
Thank you for your time, I know you're busy. One last thing and I will pull my bootstraps up and go forth.

The first order of business for me when this is in production is to migrate my users off NIS and on to LDAP. Since it is obvious I look for shortcuts, do you know of a script or tool of some sort that would automate this? There are around 50 users on this network.
0
 
LVL 40

Expert Comment

by:jlevie
ID: 39186102
What you need to do depends on the client OS. The configuration for Ubuntu will be different than that for CentOS/Redhat/Unix and different for OS X or Windows. For a given OS you might be able to use a script, once you know exactly what changes are needed.
0
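For the account-data side of the NIS to LDAP migration asked about above, one way to script it, as an added example that is not part of the thread or any participant's code: it turns NIS `passwd` map lines into RFC 2307 `posixAccount` LDIF and flags duplicate UIDs and unsafe names for review instead of importing them. The base DN, the UID cutoff and the sample entries are assumptions constructed for illustration, and values are assumed to be plain ASCII.

```python
import re

BASE_DN = "ou=People,dc=example,dc=com"  # assumption: placeholder directory suffix
MIN_UID = 1000                           # assumption: lower UIDs are local system accounts
NAME_RE = re.compile(r"^[a-z_][a-z0-9_.-]*$")  # keeps DN and LDIF values free of special chars

# Constructed sample in passwd(5) format, as `ypcat passwd` prints it (no real accounts or hashes).
SAMPLE = """\
alice:$1$constructed$AAAAAAAAAAAAAAAAAAAAAA:1001:100:Alice Example,Lab 1:/home/alice:/bin/bash
bob:*:1002:100:Bob Example:/home/bob:/bin/sh
daemon:*:1:1:daemon:/:/usr/sbin/nologin
carol:$1$constructed$BBBBBBBBBBBBBBBBBBBBBB:1001:100:Carol Example:/home/carol:/bin/bash
bad,name:*:1003:100::/home/x:/bin/sh
truncated:entry:1004
"""

def parse_passwd(text):
    """Split NIS passwd lines into migratable accounts and a list of problems to review."""
    accounts, problems, seen = [], [], {}
    for n, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        f = line.strip().split(":")
        if len(f) != 7 or not (f[2].isdigit() and f[3].isdigit()) or not NAME_RE.match(f[0]):
            problems.append(f"line {n}: malformed or unsafe entry")
            continue
        name, pw, uid, gid, gecos, home, shell = f[0], f[1], int(f[2]), int(f[3]), f[4], f[5], f[6]
        if uid < MIN_UID:
            continue  # system account: stays local, not migrated
        if uid in seen:  # duplicate UIDs would give two users the same file ownership
            problems.append(f"line {n}: uidNumber {uid} ({name}) already used by {seen[uid]}")
            continue
        seen[uid] = name
        accounts.append(dict(name=name, pw=pw, uid=uid, gid=gid, gecos=gecos, home=home, shell=shell))
    return accounts, problems

def to_ldif(a):
    """Render one account as an LDIF entry using the RFC 2307 posixAccount class."""
    out = [f"dn: uid={a['name']},{BASE_DN}", "objectClass: account", "objectClass: posixAccount",
           f"uid: {a['name']}", f"cn: {a['gecos'].split(',')[0] or a['name']}",
           f"uidNumber: {a['uid']}", f"gidNumber: {a['gid']}",
           f"homeDirectory: {a['home']}", f"loginShell: {a['shell']}"]
    if a["pw"] not in ("", "x") and a["pw"][0] not in "*!":  # carry over real crypt(3) hashes only
        out.append(f"userPassword: {{CRYPT}}{a['pw']}")
    return "\n".join(out) + "\n"

if __name__ == "__main__":
    accounts, problems = parse_passwd(SAMPLE)
    print("\n".join(to_ldif(a) for a in accounts))
    for p in problems:
        print("# REVIEW:", p)
```

This covers only the POSIX account entries, not the per-OS client configuration the answer above refers to. Samba's NT password hashes cannot be derived from crypt(3) hashes, so SMB logins need each user's password set again after the import.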