More LDAP info
Dana Canfield
canfield at uindy.edu
Thu Oct 4 14:38:01 GMT 2001
Correction regarding the LDAP updating... apparently the people who were
having this problem had been changing their passwords from NT. It still
should probably not update all the attributes in this manner, but at
least it's not as bad as I originally thought.
Thanks/sorry.
DC
On Thu, 2001-10-04 at 15:52, Dana Canfield wrote:
> Jerry,
>
> Attached is the patch to make pdb_ldap fall back to lp_* if the
> attributes aren't found in LDAP. It's trivial, but at least it's tested
> and seems to do what it's supposed to. Obviously you can yank out the
> DEBUG lines, or kick them up to a higher level if you like.
>
> There still seem to be a couple of minor issues with LDAP, though:
>
> 2) If an attribute is not defined in LDAP when a user logs in, it ends
> up being set somewhere along the line by the time they log out. For
> example, we don't define a scriptPath in LDAP for our users because we
> want machine-specific batch files to execute, based on what lab they are
> in, so we use a %m.bat line in smb.conf. Now, the scriptPath is being
> set to the machine-name.bat of whatever machine they first log into.
> Even worse, the homeDirectory attribute is being updated in ldap to
> point to the value of smbHome.
>
> I can't think of any time when it would be a good idea for samba to
> automatically update somebody's scriptPath, smbHome, and especially the
> homeDirectory.
More information about the samba-technical
mailing list