Samba as a PDC with ldap backend

Samba Admin samba at denverdata.com
Tue Oct 16 09:59:04 GMT 2001 

Joachim,

I've had Samba 2.2.1a and now Samba 2.2.2 running with OpenLDAP as the SAM
database. I have a small number of users that were already being
authenticated via pam/nss to LDAP, so I just updated the accounts by hand
with the info from my old smbpasswd.

To get 2.2.2 against LDAP add the following to the global section of you
smb.conf:

   ldap server = <ldap host>
   ldap port = <ldap host port, 389 default)
   ldap suffix = <ldap host suffix>
   ldap admin dn = <dn of admin user in LDAP, not necessarily the LDAP
manager,
      but should have permissions to write any sambaAccount and some
posixAccount
      attrs>

Once that is done, run smbpasswd as root as follows:
   smbpasswd -w <password for ldap admin dn>

This puts the password in the secrets.tdb.


Samba 2.2.2 is proving a challenge in that it appears the handling of a
users rid is inconsistent. Sometimes it is treated as a decimal number,
sometime hex -- at least that's what I'm observing so far.

User Manager for Domains is proving a good test for the validity of your
LDAP entries. If you can double click a user account and view its
properties, the entry is should be good. Editting those properties is not
currently working via User Manager...

HTH,
Doug


> -----Original Message-----
> From: samba-ntdom-admin at lists.samba.org
> [mailto:samba-ntdom-admin at lists.samba.org]On Behalf Of
> Joachim.Tork at gad.de
> Sent: Tuesday, October 16, 2001 8:08 AM
> To: samba-ntdom at lists.samba.org
> Subject: Samba as a PDC with ldap backend
>
>
> Hello,
>
> I am trying to set up a linux box with samba as a PDC.
> I am using samba-2.2.2, encouraged by the announcement
> that there is better support for that in this new release.
>
> I set up an ldap server and fed this with entries according to
> samba.schema.
> The mounting of shares is working fine, but a domain logon
> is not working at all.
>
> So my question is if anyone has brought this thing to work.
> Is there already a howto available ?
>
> Best regards
>
> Joachim
>
>
>

More information about the samba-ntdom mailing list