RE [Samba] samba & ldap how work group ?
Stéphane PURNELLE
stephane.purnelle at corman.be
Mon Dec 1 14:29:31 GMT 2008
Have you posixAccount objectclass in your ldap tree?
If getent work fine, you can set ACL on group same as you want.
Is secure if users cannot connect to samba PDC.
-----------------------------------
Stéphane PURNELLE stephane.purnelle at corman.be
Service Informatique Corman S.A. Tel : 00 32 087/342467
franck dufau <franckdufau at free.fr>
01/12/2008 15:22
A
Stéphane PURNELLE <stephane.purnelle at corman.be>
cc
samba at lists.samba.org
Objet
Re: RE [Samba] samba & ldap how work group ?
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
hye tks for answer,
libnss-ldap.conf & libpam-ldap are installed...
actualy i have modifie libnss-ldap.conf like this :
host 127.0.0.1
base dc=domaine,dc=local
uri ldap://127.0.0.1
rootbinddn cn=admin,dc=domaine,dc=local
bind_policy soft
and pam_ldap.conf like this :
host 127.0.0.1
base dc=domaine,dc=local
uri ldap://127.0.0.1/
i have modifie too nsswitch.conf like this :
passwd: compat ldap
group: compat ldap
shadow: compat ldap
like this win station can use samba pdc with ldap authentification
but on the pdc samba server users of domaine can NOT logging !!
ldap users are not recognized !
BUT when i do as root getent passwd result looks like OK with my users
from domaine !?!
What's wrong ?
many tanks for time and help...
Cordialement
Franck Dufau
Stéphane PURNELLE wrote:
> You must configure nss_ldad and pam_ldap.
>
> And Linux will see accounts and groups in your ldap tree same as
> /etc/group .
>
> Bien à vous
>
>
> -----------------------------------
> Stéphane PURNELLE stephane.purnelle at corman.be
> Service Informatique Corman S.A. Tel : 00 32 087/342467
>
> samba-bounces+stephane.purnelle=corman.be at lists.samba.org a écrit sur
> 01/12/2008 14:43:44 :
>
> Hye all,
>
> i have install samba as PDC with openldap authentification everything
> work fine.
>
> But i want to create différent group with différent privileges on folder
>
> How gestion of group work with Openldap authentification because users
> are not in /etc/passwd and domain group are not in /etc/group !?
>
> I don't find information about this...
>
> can you help me ?
>
> cordialement
>
> Franck Dufau
>
- --
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAkkz8fkACgkQrKIazktK/hLxVACdFpZVCQEeMCvcx+nLq1gKFg1p
oKoAn2QNxKcTNrTipUekGoIZW2KiZFMV
=s5FS
-----END PGP SIGNATURE-----
More information about the samba
mailing list