LDAP an %variables
Andrew Bartlett
abartlet at samba.org
Sat Aug 3 04:32:02 GMT 2002
Marcel Ritter wrote:
>
> Hi there!
>
> I recently set up a samba server with LDAP support. After some tests with
> different windows versions my profile was trashed. So I tried to store
> the profile in a subdirectory "%a" (which should resolve to the windows
> release WinNT Win2k etc.). Unfortunately this does not work when specified
> in LDAP.
>
> Is there a reason for this?
>
> I'd really like to use the %<var> statements in LDAP. I already hacked
> around a bit and it works for me (just copied one line!) - however I'd
> like to see it in the official release if there's no further technical
> problem I can't see by now.
It has problems when you then store the expanded form - you lose the
LDAP magic on the first password change etc.
To get around this, we came up with a way we have 'defaults' for certain
things, using the same stuff as the 'fudge it up' solution for
smbpasswd. Except we don't store the expanded strings back, unless they
are modified by a client.
Andrew Bartlett
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
More information about the samba-technical
mailing list