[Kolab-devel] Integration of Kolab2 and Samba

Ingo Steuwer steuwer at univention.de
Mon Jun 11 15:28:51 CEST 2007 

Am Montag, 11. Juni 2007 14:47 schrieb Alain Spineux:
> I'm speaking about MINIMAL INTEGRATION.
> I mean, openldap configuration should already contains enough stuff to let
> people integrate samba without changing any Kolab configuration!

Don't underestimate the complexity of a minimal integration. A complex point 
are passwords: samba (or better: CIFS) needs by design it's own hashes, so 
new users in Kolab nedd those hashes as well as samba has to change the 
userpasswd if a Domain User changes its password against samba. You also have 
to cover unique SIDs for the also needed Posix-Accounts (G)IDs and 
primary-group-memberships. You can't cover this with a "rule-based-engine" 
mentioned previous.

> This will  keep them to  disturb any already  working kolab server.
> And reduce problem for us (YOU)

If a minimal integration just means "integrate samba.schema" it will lead to 
other integration-problems/questions, beside password-related topics you need 
to be sure that adding users with Kolab is compatble with adding users via 
samba. I'd expect (just a guess, never tried) that samba will add users in a 
place where Kolab-Admin will not find them; adding them with Kolab-Admin will 
lead to duplicate uids which may then fool samba.

>
> For 2.1 successor, YOU will have to redesign  the LDAP tree  for a  better
> mutli-domain support (maybe one tree per domain choise the good UID, ... )
> Just take in account that someone will use this structure for samba !

I'd also expect a boost of interest in Kolab with a working samba-integration 
which can at least cover adduser and password related topics with some 
documentation of a working samba-configuration. To integrate only the 
LDAP-schema will only lead to questions/problems on a technically different 
level.

Best Regards
Ingo Steuwer

> Best regards.
>
> On 6/11/07, Bernhard Reiter <bernhard at intevation.de> wrote:
> > On Thursday 24 May 2007 03:25, Alain Spineux wrote:
> > > Kolab 3 (integrating even limited Samba functionalities) should be a
> > > bigger killer
> > > (referring the idiomatic expression "Exchange killer") than Kolab2 !
> >
> > Note that other vendors have integrated Kolab (Server) to provide such
> > funcationality and might be more suitable as a standards solution
> > in small and medium enviornments with a lower demand for customistaion.
> >
> > E.g. http://www.univention.de/english.html does with its UGS product.
> > They have Samba support and more.
> > Benoit already pointed to GoSa from Gonicus as another example.
> >
> > (Full Disclosure: Univention is a business partner of the
> > Kolab-Konsortium,
> > their UGS Kolab sales financially benefit KK.)
> >
> > Bernhard
> > --
> > Managing Director - Owner: www.intevation.net       (Free Software
> > Company)
> > Germany Coordinator: fsfeurope.org. Coordinator:
> > www.Kolab-Konsortium.com. Intevation GmbH, Osnabrück, DE; Amtsgericht
> > Osnabrück, HRB 18998 Geschäftsführer Frank Koormann, Bernhard Reiter, Dr.
> > Jan-Oliver Wagner
> >
> > _______________________________________________
> > Kolab-devel mailing list
> > Kolab-devel at kolab.org
> > https://kolab.org/mailman/listinfo/kolab-devel

-- 
Ingo Steuwer           Projektmanagement        steuwer at univention.de
Univention GmbH        Linux for your Business  fon: +49 421 22 232-43
Mary-Somerville-Str.1  28359 Bremen             fax: +49 421 22 232-99
                       http://www.univention.de

More information about the devel mailing list