Line 6: |
Line 6: |
| =Samba 4 Packages= | | =Samba 4 Packages= |
| | | |
− | Upstream Centos 6 & 7 do not provide support for the full version of Samba 4. Packages available in the upstream repos are a crippled version of Samba 4 with many of the features associates with Active Directory disabled. The reason for this is detailed here: https://blog.cryptomilk.org/2014/07/09/samba-ad-dc-in-fedora-and-rhel/ A solution to provide Samba 4 active directory does not look to be forthcoming by viewing the Fedora project. | + | Upstream Centos 6 & 7 do not provide support for the full version of Samba 4. Packages available in the upstream repos are a crippled version of Samba 4, with many of the features associates with Active Directory disabled. The reason for this is detailed here: https://blog.cryptomilk.org/2014/07/09/samba-ad-dc-in-fedora-and-rhel/ A solution to provide Samba 4 active directory does not look to be forthcoming by viewing Samba status in the Fedora project. |
| | | |
| To further development of support for Samba 4 on the Koozali SME Server, Samba 4 packages from Sernet were selected. These packages will not immediately install cleaning on SME 9 due to the customization of Centos associated with SME 9, so the Sernet packages where re-built for SME 9. Details of this rebuild along with a link to the rebuilt packages are located in the following bug report: http://bugs.contribs.org/show_bug.cgi?id=8075 | | To further development of support for Samba 4 on the Koozali SME Server, Samba 4 packages from Sernet were selected. These packages will not immediately install cleaning on SME 9 due to the customization of Centos associated with SME 9, so the Sernet packages where re-built for SME 9. Details of this rebuild along with a link to the rebuilt packages are located in the following bug report: http://bugs.contribs.org/show_bug.cgi?id=8075 |
Line 110: |
Line 110: |
| ==DNS== | | ==DNS== |
| | | |
− | Tony to add links here
| + | Samba 4 includes an builtin DNS server that is required for proper operation of active directory. This internal DNS server is for AD functions only and does not provide caching DNS functions. Therefore, further research and development will be required to integrate the Samba DNS with TinyDNS. |
| + | #'''Local Authentication''': Samba 4 provides support for local authentication through PAM. This will need to be looked and and sorted out, especially as it relates to the previous LDAP authentication work. |
| + | |
| + | |
| + | ==LDAP== |
| + | |
| + | Need to look at the LDAP authentication backend and mechanism on SME. On the surface, it looks like all of the Samba related LDAP code will be dropped and much of the standard authentication code will need to be converted to Active Directory auth. This task should include looking at openldap-proxy. |
| | | |
| ==Other Development Tasks to Research and Complete== | | ==Other Development Tasks to Research and Complete== |
| | | |
− | #'''LDAP''': Look at the LDAP authentication backend and mechanism on SME. On the surface, it looks like all of the Samba related LDAP code will be dropped and much of the standard authentication code will need to be converted to Active Directory auth. This task should include looking at openldap-proxy.
| |
− | #'''DNS''': Samba 4 includes an buildin DNS server that is required for proper operation of active directory. This internal DNS server is for AD functions only and does not provide caching DNS functions. Therefore, further research and development will be required to integrate the Samba DNS with TinyDNS.
| |
− | #'''Local Authentication''': Samba 4 provides support for local authentication through PAM. This will need to be looked and and sorted out, especially as it relates to the previous LDAP authentication work.
| |
| #'''Domain Server-Manager Panel''': A new Domain server-manager panel should be developed and the workgroup panel removed. Further discussion will need to take place to determine what needs to go into this new panel. This panel will likely be fairly simple, as much of the configuration parameters associated Samba Active directory will be incorporated into template fragments and database entries. | | #'''Domain Server-Manager Panel''': A new Domain server-manager panel should be developed and the workgroup panel removed. Further discussion will need to take place to determine what needs to go into this new panel. This panel will likely be fairly simple, as much of the configuration parameters associated Samba Active directory will be incorporated into template fragments and database entries. |
| #'''User/Group Server-Manager Panels''': These panels will need to be looked at as they relate to template fragments, adjusting services, and updating database entries associated with Samba. | | #'''User/Group Server-Manager Panels''': These panels will need to be looked at as they relate to template fragments, adjusting services, and updating database entries associated with Samba. |