LDAP support needs ON/OFF switch in smb.conf!
Richard Sharpe
sharpe at ns.aus.com
Fri Jan 28 17:05:46 GMT 2000
Hi,
At 04:28 PM 1/29/00 +1100, Jim Morris wrote:
>Hi all!
>
>Just though I would ask this of the group...
>
>After working with the LDAP support in Samba-MAIN 1999-10-15, it appears
>that once you have done the configure with the "--with-ldap" flag, LDAP
>is the *only* authentication mechanism used by Samba. I observed that
>once I installed Samba, built with the LDAP support, that my Samba
>server was inaccessible until I got the LDAP server configured, and then
>added the LDAP options to my smb.conf. All attempts to connect to Samba
>prior to that ended up with what appeared to be LDAP authentication
>errors logged in my Samba log files...
>
>One would think that it would be a "good idea" to make the use of LDAP
>configurable via smb.conf. I.e. we need some sort of "ldap support =
>Yes/No" option, or something along those lines. That way it would be
>possible to distribute a prebuilt binary for Samba that includes LDAP
>support - and the user can turn it on if they need to use it...
Well, I think that this is a damn good idea ... thinks,
only needs the addition of a global ldap support = yes|no|on|off:0:1
Then in the places where LDAP is used for authentication, we would check
lp_ldap_support first and if off, fall back to other methods ...
It might also be useful to include another parameter:
authentication order = LDAP, NIS, passwd
To allow for extra flexibility, but it does add complexity to
administration, and perhaps nsswitch does this already?
>What do you think? Is there a good reason it cannot be turned off once
>compiled in?
>
>Thanks!
>
>Jim Morris (Jim at Morris.net)
>
Regards
-------
Richard Sharpe, sharpe at ns.aus.com, Master Linux Administrator :-),
Samba (Team member, www.samba.org), Ethereal (Team member, www.zing.org)
Co-author, SAMS Teach Yourself Samba in 24 Hours
Author: First Australian 5-day, intensive, hands-on Linux SysAdmin course
More information about the samba-ntdom
mailing list