Discussion: scenarios to choose an account provider

Nice catch, @flatspin: updated the screenshot:

Install a local accounts provider; once installed, it must not be removed

This is a further enhancement. I hope to fix nethserver-dc and implement the procedure to change its IP address from the web interface.


I like the idea provided by @davidep but like others in this thread, I think that there needs to be more documentation / help for this feature (including a more comprehensive explanation of how a NS based server could be implemented into an existing Microsoft based infrastructure).

Also, maybe some form of ‘reset back to default’ function that reverts the server back to the default / original IP and removes both authentication providers.

1 Like

great idea!

If that would fold, am immediately at the test thereby.

We have a package in testing! To install /cc @quality_team

yum --enablerepo=nethserver-testing update nethserver-sssd
1 Like

We should also add some comments like I’ve seen @davidep (I vaguely recall) post, for example, if you’re building a standalone mail server, then ldap is best and it needs to be stressed that authenticated file sharing must use samba ad.

How would you reword it?

There are two kinds of accounts provider available for this local server:

* Samba Active Directory; ideal for Windows networks and Outlook based email, required for authenticated file sharing and windows client administration.
* LDAP; ideal for standalone gateways and mail servers, file sharing is not authenticated.

I’m spitballing here…


This is a big word! I wouldn’t say it here :rolling_eyes:


Yeah, wasn’t sure really, like I said, I’m spitballing… kinda like using those Active Directory words too.

LOL :joy:

Was not me! It’s Samba Active Directory

Outlook and Active directory, isn’t that a bit like devil worship? :wink:

Seriously, I am not sure about including terms like Outlook (which could use IMAP and POP3 accounts) or include “file sharing is not authenticated” (file shares could also be achieved via nextcloud / webdav and LDAP authentication – therefore the statement is misleading)

@medworthy agreed, it’s a nightmare really, how do you condense the choice between samba4 and ldap to a couple of sentences the enthusiastic and uneducated can understand and use.

Maybe we should push samba4 by default and have ldap available to those that know what they’re doing, in one office my mail and web server is ldap and the file share and sync server is samba cuz reasons.

But I hate having a gateway share office server functions, even at home, to easy for a newb to offer all the services to the internetz.


Well, maybe I was a bit off-topic by reviving this discussion thread…

The goal of the enhancement to “Users and groups” page is not to depict any possible scenario to deploy NethServer (aka, gateway, mail, file sharing, pbx - soon,…). Instead, it’s giving a bare minimum information and directing the User to the right page.

To keep it bare my proposal consists of:

  1. local/remote distinction: it’s the key choice to move to the next page
  2. AD/LDAP: useful in “local” case, to understand what to install. I want to highlight the limitations on Shared Folders
  3. @flatspin’s amendment - no way back

I would release it as-is. We can improve it with our experience.


I agree with with @davidep . Someone who is setting up even a "simple homeserver " has some skills and should know what he/she is doiing. The hint about the choice is enough. Everyone should recognize that he/she has to do a decision and every decision can only be made if there is a knowledge about the matter. It’s never a good idea to a blind decision, not IRL nor by setting up a computer. :wink:

1 Like

I agree, let’s test it so we can tailor it to our needs along the way.

It could be a first step in that direction :slight_smile:

Released in updates: