Changes

From SME Server
Jump to navigationJump to search
802 bytes added ,  09:24, 8 November 2014
no edit summary
Line 123: Line 123:     
Need to look at the LDAP authentication backend and mechanism on SME.  On the surface, it looks like all of the Samba related LDAP code will be dropped and much of the standard authentication code will need to be converted to Active Directory auth.  This task should include looking at openldap-proxy.
 
Need to look at the LDAP authentication backend and mechanism on SME.  On the surface, it looks like all of the Samba related LDAP code will be dropped and much of the standard authentication code will need to be converted to Active Directory auth.  This task should include looking at openldap-proxy.
 +
 +
==Local and Samba Authenticaion==
 +
#'''Local Authentication''':  Samba 4 provides support for local authentication through PAM.  This will need to be looked and and sorted out, especially as it relates to the previous LDAP authentication work.
 +
#'''Updates to esmith::util perl module''':  This perl module contains function for setting and modifying user passwords.  We will need to redesign these functions to integrate with AD.  Specific changes:
 +
*''setSambaPassword function'':  This function needs to be completely re-written to set the Active directory password instead of the old samba password in smbpasswd
 +
*''cancelSambaPassword function'':  Needs to be re-written for active directory instead of old smbpasswd file
 +
*''local password functions'':  We need to look at these once we decide how we are going to handle local authentication on SME with Active directory.
 +
*''ldapPassword function'':  Need to look at this and likely deprecate it, as we will likely set active directory passwords differently.
    
==Other Development Tasks to Research and Complete==
 
==Other Development Tasks to Research and Complete==
#'''Local Authentication''':  Samba 4 provides support for local authentication through PAM.  This will need to be looked and and sorted out, especially as it relates to the previous LDAP authentication work.
   
#'''Domain Server-Manager Panel''': A new Domain server-manager panel should be developed and the workgroup panel removed.  Further discussion will need to take place to determine what needs to go into this new panel.  This panel will likely be fairly simple, as much of the configuration parameters associated Samba Active directory will be incorporated into template fragments and database entries.
 
#'''Domain Server-Manager Panel''': A new Domain server-manager panel should be developed and the workgroup panel removed.  Further discussion will need to take place to determine what needs to go into this new panel.  This panel will likely be fairly simple, as much of the configuration parameters associated Samba Active directory will be incorporated into template fragments and database entries.
 
#'''User/Group Server-Manager Panels''':  These panels will need to be looked at as they relate to template fragments, adjusting services, and updating database entries associated with Samba.
 
#'''User/Group Server-Manager Panels''':  These panels will need to be looked at as they relate to template fragments, adjusting services, and updating database entries associated with Samba.
board, director
297

edits

Navigation menu