Status of LDAP support in Samba

Allan Bjorklund allan at
Fri Jan 22 18:46:04 GMT 1999

On 22-Jan-99 Luke Kenneth Casson Leighton wrote:
>> (smbpasswd/rpcclient) need to have more options for NT accounts. 
> rpcclient should be capable of adding / deleting groups and aliases,
> do
> "help" to view available commands.

  Yes, I know.  But it leaves many fields empty or sticks defaults in.
  I want to specify the values that go in those other fields.

>>  One part I'm still trying to puzzle out is group managment and user
>> mapping.  If I add a group that is predefined in SAMBA (e.g., Domain
>> Admins) rpcclient shows two instances of it and none of the changes
>> I
>> make with rpcclient actually go in.
> SAMBA is read-only for account management.

  Doesn't this contradict what you said up top?  Also, that wasn't what
I really trying to get at.

  What I'm curious about, is does SAMBA currently rely only on the
domain group map, domain user map, and local group map parameters for
putting people into groups and mapping SMB ids to unix ids?

  By putting the same information into LDAP shouldn't SAMBA be able to
get it from there instead?

  The behavior I'm seeing says no.


  Allan Bjorklund                  |                  allan at
  Systems Research Programmer      |           University of Michigan
  Information Technology Division  |               535 W. William St.
  1-(734)-763-9391                 |              Ann Arbor, MI 48103

More information about the samba-technical mailing list