integration of samba pdc with ldap backend into kolab



  • Hi all,

    since I was not very happy with the available possibilities for a simple
    management of a samba pdc (not AD) I thought about to integrate such a
    management feature into kolab / kolab-webadmin. There are of course some
    ready made distributions like clearos, ucs or freeipa - but they are
    heavy and do not fit all the time in an existing environment. But the
    main point: they are mostly not integrated into a groupware. I tried the
    ldap account manager - but in the open source version it doesn't go
    together with kolab because it doesn't support groupofuniquenames.

    So I did the following steps:

    • import the samba ldap schema into 389-ds (why isn't it by default?)
    • added a kolab user type with all the necessary samba attributes
    • configured the ldap aci for enable self writing of some attributes
    • did some simple changes in kolab webadmin for syncing samba
      passwords and getting samba domain configuration from
      kolab.conf

    While I did the provisioning of the samba domain with the samba-ldap
    tools, in the result we can now manage users and groups easily from the
    kolab webadmin.

    What do you think? Is it worth to share this in any howto? Do other
    people still use samba pdc? Would it make sense to integrate this in the
    kolab-webadmin code?



  • Hi Jan.

    Yes, that would be very helpful. I am just embarking on setting up a new system with Samba 4 as an Active Directory DC and will also be deploying Kolab 16.1 when it becomes available.

    thanks,

    Geoff



  • Hi,

    What do you think? Is it worth to share this in any howto? Do other
    people still use samba pdc? Would it make sense to integrate this in the
    kolab-webadmin code?

    yes, that would be great. Doesn't matter where you look at the IT World. You need a Central User Management,
    in the most environment (Office) there is a AD DC System installed. And with Kolab you get at the moment a Second User Management, which of Course make thing complicated.

    Could you Please explain how you done the Integration ?

    Best Regards
    Andreas


Log in to reply