another idmap_ad question

Gerald (Jerry) Carter jerry at samba.org
Wed Nov 12 14:28:24 GMT 2008


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Herb Lewis wrote:
> I think you misunderstood the question 

ok.  Sorry.  Thought you were asking why the password field
was no filled in.

> but I think I found why it does it.  LDAP queries only 
> return the unixUserPassword attribute if the user
> you authenticated as is a member of administrators it appears.
> How do you control the credentials being used by idmap_ad to
> do the ldap query?

It's always does as the machine account.  See ad_idmap_cached_connection_internal()





cheers, jerry
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFJGugIIR7qMdg1EfYRAmW3AJ4qY7f4TxPg/iWAecVo/D72udAStgCaAw5f
gYQ1FFnrCpllBJOpPThAsHA=
=nEoi
-----END PGP SIGNATURE-----


More information about the samba-technical mailing list