Samba-3.0-alpha19 as PDC and Openldap
abartlet at dp.samba.org
abartlet at dp.samba.org
Fri Aug 23 07:39:00 GMT 2002
On Fri, Aug 23, 2002 at 05:26:29PM +0200, Guenther Deschner wrote:
> hi,
>
> On Fri, Aug 23, 2002 at 02:00:31PM +0000, georges.goebel at ist.lu wrote:
> ...
> > My Question now: Is it POSSIBLE to join a domain with ldap password
> > authentification und samba 3.0 alpha, or do I have to wait for the release ?
>
> sure.
>
> > I try under Red Hat 7.2 and Solaris 9
> >
> > Here my global section:
> >
> > [global]
> >
> > workgroup = SIN-NT2
> > netbios name = testlinux
> > server string = samba / nfs
> > encrypt passwords = yes
> > passwd program = /usr/local/smbldap-tools-0.7/smbldap-passwd.pl -o %u
> > passwd chat = *new*password* %n\n *new*password* %n\n *successfully*
> > unix password sync = yes
> >
> > log file = /var/log/samba/%m.log
> > log level = 7
> > # max log size = 0
> >
> > socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
> >
> > domain logons = yes
> > os level = 255
> > preferred master = true
> > domain master = true
> > dns proxy = no
> > wins support = no
> >
> > ldap suffix = dc=pch,dc=etat,dc=lu
> > ldap admin dn = cn=Manager,dc=pch,dc=etat,dc=lu
> > ldap filter = (&(uid=%u)(objectClass=sambaAccount))
> > ldap machine suffix = ou=Computers,dc=pch,dc=etat,dc=lu
> > ldap user suffix = ou=Users,dc=pch,dc=etat,dc=lu
> > ldap ssl = no
> >
> > security = user
> >
> > passdb backend = ldapsam_nua
>
> last time i checked, the ldapsam_nua-backend could not be used for a
> domain-join/-logon. afaik you still require a valid posixaccount for your
> machine and your user.
Unix accounts are not required for machines, but are for users - and can be
supplied by nss_ldap.
Andrew Bartlett
More information about the samba-technical
mailing list