Integrate into Linux/Windows Network

mbydalek

Registered
To start things off, I'm pretty new to OS X, but I've been around *nix for years, so I sort of know what I'm doing when I get into a Mac terminal ;)

Anyways, what I'm looking for is some advice as to how to integrate OS X into a LDAP/Samba controlled network. I've searched around and have tried a bunch of things, but there seems to be caveats to everything I try.

My goal is to have a single LDAP database for user/passwords, and ideally to have all data stored on a central file server. The way I have it now for the Mac's we have is that they are doing LDAP authentication, which works great.

The problem comes into play with the remote home directories, which as of this moment I am doing via. NFS. What happens is that it just seems *slow*, very slow (which is somewhat to be expected). The other problem I have with this is the whole NFS security (or lack thereof).

Ideally I would like to mount_smb everything, but in order to do that, you need a username and password, which I don't think you can grab from the login. I hate to say it, but I'm looking for a method to duplicate what Windows does when mounting a remote share - it first tries the currently logged in user and password, and if that fails, prompts the user for input.

Basically I'm just looking to see how people are using OS X in a corporate environment which doesn't include local accounts and has shares mounted dynamically.

If you have any ideas on how I can get all these laptops to work correctly in our network, it would be greatly appreciated.

The laptops we have are all 10.3.x and 10.4.x (which complicates things further) and they are all laptops via. wireless (which again complicates things).

Thanks,
Mike
 
I'm sure you've already tried this, but if you check in Applications-->Utilities you'll find an application called Directory Services or Directory Access (can't remember the name exactly). There you can set up what services you want available to the Macintosh. This was available as of Jaguar (10.2) and more features have been added to it since.
 
Yes, I've already setup LDAP authentication in the Directory Access. It would be great to setup SMB authentication, but it doesn't look like it's supported.

Again, I'm not really sure what the best route would be. Ideally, I'd like SMB auth and smb mounting all in one shot (like how Windows does it), but it looks like I can only do LDAP and NFS (which is incredible insecure).

Thanks,
Mike
 
Hmm....there should be an option for SMB authentication (or a least to let it know what domain/workgroup it's in) in Directory Access. I know I've seen it in 10.2 as well as the ADS options in 10.3. Haven't seen what it looks like in Tiger yet.
 
Well, there are SMB/CIFS options in 10.2 (my current test machine), but I can't authenticate using that. It seems my best bet is to authenticate via. LDAP (which is no problem) and figure out how to mount drives a non-NFS way.

With that being said, how the heck do you really connect an OS X machine to Samba the way you would a Windows workstation? I mean, you would think there would be a way, but I'm not an expert on Samba clients as I've just always dealt with the server side.

I've seen some scripts to smb_mount on login, but from what I've seen that requires you to store the username/password in the script, which completely defeats the purpose of the secured enviornment.

Any ideas?
 
Back
Top