Hi all, unexperienced newbie here!
It is my goal to set up Samba shares and a LDAP server on Debian 10. To access the Samba shares from Windows machines, I want to be able to use the credentials of users in the LDAP directory for authentication. E.g. "Max" is a user in the LDAP directory and belongs to the "developers" group. He should be able to connect to the Samba share "development" using his username and password as specified in LDAP.
I followed this installation guide for OpenLDAP and the web interface phpLDAPadmin (I did not do the TLS encryption part). I had to manually download phpLDAPadmin, but everything seems to be working as intended, I can now create users and groups on the web interface.
Next I installed Samba and tested it by creating a new user on my Debian system, set smbpasswd for the new user and edited the smb.conf file accordingly. Also works. I can now connect a network drive on my Windows machine to a Samba share using the username and password of the new user. But obviously, that was not a user from the LDAP directory. I only did this for testing.
A quick Google search led me to this wiki page and I followed the steps in section "For Samba LDAP support" using the cn=config method because I don't have a slapd.conf file (not sure but afaik the slapd.conf is for older LDAP versions).
How do I go from here? I assume I have to edit smb.conf similar to how it is described here: Samba DC with LDAP backend, except that I don't need a domain controller for my Windows login, I just want to access the Samba shares from any local Windows account but using a LDAP user for authentication when connecting a network drive.
Any help would be greatly appreciated!
Charles
Scheduled Maintenance: We are aware of an issue with Google, AOL, and Yahoo services as email providers which are blocking new registrations. We are trying to fix the issue and we have several internal and external support tickets in process to resolve the issue. Please see: viewtopic.php?t=158230
Samba shares with LDAP user authentication
Re: Samba shares with LDAP user authentication
Everything you have written is correct: you just need to set up Samba to use the openldap directory as a source for authentication. You don't need a domain controller, unless you want to switch to networked user accounts entirely (before you do, make sure you can debug issues, or you'll lock yourself out of your computer 
)
A preliminary thought could go towards the choice between rfc2307 and rfc2307bis (the latter is not a standard, but it is supported quite ok and the way GroupOfNames works, just feels more intuitive to me).
Kr,
Vincent
)A preliminary thought could go towards the choice between rfc2307 and rfc2307bis (the latter is not a standard, but it is supported quite ok and the way GroupOfNames works, just feels more intuitive to me).
Kr,
Vincent