Frank Bonnet wrote:

Hi

I've installed Ontap 6.4 that now support LDAP auth with openldap :-)

Now the new challenge ...

We use Samba servers to let windows clients access to their data zone.

Actually windows clients use Samba (with LDAP) servers as PDC Home directories are actually NFS mounted from Samba servers. (that is no good I know)

What I would like to do from a windows client is :

1 - Use Samba server as PDC

during a PDC authentification : - the windoz connect to the filer and negociate auth in providing username/passwd - the filer get these pieces and forward that to the PDC, - the PDC reply to the filer the user is valid and the pass is ok and then validate the user connexion, - the filer gives the user a credential and the windoz machine can connect BUT - this is true for Windows PDC (or 100% compatible) - this is not true for Samba PDC because of a slgihtly different manner to format the reply : Filer can't understand the Samba reply and therefore, Samba can't be used as a PDC for the Filer (try to setup a secondary DC perhaps ?)

2 - Connect to the filer directly using CIFS after authentication

You told windoz users have their home dir in Samba, so I would guess that's not possible. What could be possible is to set up DFS (directory file system) : - the client contact Samba and gives the ressource it would use, - Samba reply where the ressource can be found (which server : here the Filer), - client then contact the Filer and here we go again. BUT As far as I know, Samba doesnt support DFS for now, ... so : for me there is no way to do so (without counting that in this mode, the Filer should be able to serve data over CIFS - did you bought the license ?)

Is it possible ????

Thanks

For me the best would be to buy a windoz PDC and a CIFS license for your Filer. I can be wrong as the time pass, but I was right the last year. Alternatively, wait or ask to Samba devellopment team to make possible to connect a Netapp Filer in their domain.