Finding a way in the LDAP/Samba labyrinth

From Samba3 to Samba4, or something else ?

Written by ajz September 20, 2018

Since quite a while I'm looking at options for upgrading a Samba3+OpenLDAP server install. Samba4 has been in development for > 10 years [1] Samba4 is a big chance, and drops the support for plain OpenLDAP setups, basically because Samba4 has its own new LDAP implementation with Kerberos. Various Linux distributions have switched to Samba4 as the default [2]. I found out that CentOS6, which is still supported for some time, has Samba3 packages. I worked on that this week but I needed much time to make the OpenLDAP + Samba work together. Setting up OpenLDAP was going well, but I got stuck at the samba schema part, and I noticed that CentOS volunteers didn't update some of their documentation for a long time. So, I wondered about dropping Samba altogether. Nextcloud + OpenLDAP is something that I tried but Nextcloud is a Dropbox alternative and not meant for extensive collaborative document editing (though one can make Collabora and Onlyoffice work inside Nextcloud), as Nextcloud doesn't have a proper file locking included. Reading this : https://github.com/nextcloud/server/issues/1308#issuecomment-387097509 where people mentioned file locking in Seafile software, I got enthusiastic about testing Seafile. I had tried Seafile a few years ago, and it looked a bit primitive. When I tested it now, the design looked much better, and the server install part was easier. Just when I got Seafile test virtual server to work fine, including WebDAV serving, as well as Onlyoffice Document server, and OpenLDAP integrated, I noticed that file locking was not working. I could open a file via Onlyoffice, and via the desktop client could open it with LibreOffice, and two different test users could edit the document at the same time and save it, without the other test user noticing the other user changes in the document, and losing their own changes! Impressed by Seafile as Dropbox alternative, really nice, but the "Freemium" as seen here https://alternativeto.net/software/seafile/ does kind of apply, although it is open source. And then I noticed : https://www.seafile.com/en/product/private_server/ the file locking part in Community Edition vs. Professional Edition That was a little bit sad, but still an interesting experience to test a newer Seafile server with client software. Meanwhile I also played with OpenMediaVault, and making it work with my existing OpenLDAP server went fine and was easy. I'm curious how this file server adventure will continue.

[1] https://ldapcon.org/2017/wp-content/uploads/2017/08/Ivanova_LDAPCon2017_samba_backend.pdf [2] https://gist.github.com/zhang-xin/561337f99a4b2dbd8e23

This article is under the CC-0 license.

ajz

Linux sysadmin for work and hobby. https://mastodon.host/@Ajz

Login or use your Fediverse account to interact with this article

Comments

No comments yet. Be the first to react!