creating accounts in ldap with smbpasswd?
paul at subsignal.org
Sat Jul 26 21:11:29 GMT 2003
Lars Grobe wrote:
> It is getting quite complicated... I am just setting up
> a ldap server that is to hold our user accounts. Those
> are to be used a authentication for our windows (via samba 3),
> solaris and mac os x clients. afaik I should use the new
> samba 3 schema, right? I suppose that all tools dealing with
> samba accounts that will be developed in future will use
> the new schema. However, all existing tools are for 2.2 schema.
> What are you using to maintain your account databases?
Scripts. Write a few wrappers around pdbedit and smbpasswd use the hooks
(add user skript, add machine script...) in smb.conf and you' re gone.
> I read that smbpasswd handles everything to create accounts in
> ldap. Does this mean it creates posix and samba accounts?
Not the posix stuff.
> ask this as I also read that accounts are needed in /etc/passwd,
sigh, samba doesn't care if your users are in LDAP or /etc/passwd if
your NSS-modules are configured correctly, so it's your choice.
> but this doesn't make sense - I don't want accounts in ldap AND
> passwd. Will smbpasswd -a create all data necessary for an unix
> account (home, password, shell, id etc) AND all the special samba
> stuff (nt-password, logondrive etc)?
No, it only adds the SambaSAMAccount attributes, the posixAccount has to
exist prior to running smbpasswd.
> I hope this question is not too stupid, but I want to jump into
> the ldap adventure now that samba comes closer to 3.0... and
> our new file server is waiting to get into production :-)
Good luck ;)
> TIA+CU, Lars.
More information about the samba-technical