LDAP stuff (was Re: LDAP client requires smbpasswd encrypt t

Allan Bjorklund allan at umich.edu
Tue Jan 12 16:53:56 GMT 1999


On 08-Jan-99 Matt Chapman wrote:

 [Lots of bugs and their fixes deleted.]

> I've already fixed all of the above on my version so I will make sure
> it all
> gets committed.

  Great, I'll be looking for them.

> 
> Sorry about the bugs (I've been on holidays & didn't have an NT
> workstation to
> test against), and thanks for all your help!

  You're welcome.  I need to get this working for NT as that is our
production environment. (~2500 Lab machines, ~25,000 users).

  One annoying thing that goes away with the LDAP code, is the "Your
password has expired" message.  I added a big number (42 * 24 * 60 *60)
to the password date and placed that in the password must change field.
The message went away and hopefully I won't see it again for 42 days.
Maybe a default password age option could be added to the password
routines/smbpasswd?  Right now I'm setting it by hand.

  The only thing I'm having problems with now, are the setting group
RIDs and adding group objects.  My administrator account for the domain
seems to have lost it's administrative privileges since I started using
LDAP.

  I figured out the schema from the code, but am confused as to how to
put the RIDs in.  Do I just put the straight RID in or run it through
the bit fiddling formula first?   Something else?

--Allan


  ===================================================================
  Allan Bjorklund                  |                  allan at umich.edu
  Systems Research Programmer      |           University of Michigan
  Information Technology Division  |               535 W. William St.
  1-(734)-763-9391                 |              Ann Arbor, MI 48103
  ===================================================================


More information about the samba-technical mailing list