[Samba] LDAPSam + Samba 3 Alpha 20
Geoffrey Antos
geoffrey at andrews.edu
Sat Nov 16 01:44:01 GMT 2002
I'm wondering what the samba server needs write access to, in LDAP, to
operate.
I've got the following lines in slapd.conf:
#--
#Samba Passwords -- Only Samba (and its authenticated users) can access this.
#Also includes flags -- Use smbpasswd for everything:
access to attr=lmPassword,ntPassword,rid,acctFlags,pwdLastSet,logonTime,logoffTime,kickoffTime,pwdCanChange,pwdMustChange,homeDrive,scriptPath,profilePath,userWorkstations,smbHome,domain
by dn="uid=SambaServer,ou=Servers,dc=domain,dc=com" write
by dn=".*,ou=Administrators,ou=Users,dc=domain,dc=com" write
by * none
#Posix Account info -- only admins can change.
#They are not too valuable, plus nss_ldap problems. Let all read:
access to attr=uid,uidNumber,gidNumber,homeDirectory
by dn="uid=SambaServer,ou=Servers,dc=domain,dc=com" write
by dn=".*,ou=Administrators,ou=Users,dc=domain,dc=com" write
by * read
#--
However, when I run smbpasswd I get an insufficent access error.
smbpasswd -D 255 reports:
--
ldapsam_open_connection: ldap://localhost
ldap_open_connection: connection opened
ldap_connect_system: Binding to ldap server as
"uid=SambaServer,ou=Servers,dc=domain,dc=edu"
ldap_connect_system: succesful connection to the LDAP server
ldapsam_search_one_user: searching for:[uid=testuser]
Setting entry for user: testuser
failed to modify user with uid = testuser with: Insufficient access
failed to modify user with uid = testuser
Failed to modify entry for user testuser.
Failed to modify password entry for user testuser
--
What else does Samba need permission to access?
More information about the samba
mailing list