Linux LDAP with Windows and Linux Clients

I have been wanting to get LDAP working at home for quite some time. I have recently made the switch from Gentoo to Ubuntu for my server, so I am not 100% well versed in the ways of Ubuntu.

But I will be having both Linux and Windows client machines and was wanting central authentication for both OS's. I know of services/daemons running on my server can use LDAP also, so I am looking to having those use LDAP as well.

So basically I was just wanting to see if anybody has done anything like this, I know this is a pretty vague/general question, but I am just wanting to try out the waters before I jump in.

I am reading https://help.ubuntu.com/community/OpenLDAPServer (does anybody else wonder why they use https for documentation?) and will be reading other items as well to get a firm idea of what all this might entail.

I have done two ldap setups. One here at the office with single signon with linux (running ubuntu). The other is a customer with linux servers and windows client machines.

Here at the office things do just run and generally we don't have any problems. Files to watch out for are nsswitch.conf pam.d pam_ldap.conf and libnss-ldap.conf. These files control how your system will authenticate and where it will look for user/group info.

The customer is a samba/ldap setup. That one is a bit more delicate. Samba will read from ldap just fine but you have to have the smbldap-tools to do any writes. But once things are setup they generally just work.

The one item I ran into early on was dealing with ldap. Openldap at the time didn't come with any db optimizations. The openldap packages now do have some optimizations included and can be tuned to fit your needs. I just found it very annoying early on.

It does work but will take time to get everything setup and running correctly. I will keep an eye out for you posts if you have more specific questions.