Computers in LDAP directory, pdb_get_group_sid

paul paul at subsignal.org
Thu Mar 19 21:56:18 GMT 2009


J.A. Gutierrez schrieb:
[snip]
> 	The problem is, if you are using LDAP for user accounts, usually
> 	you want to have real users under "ou=People", and computers
> 	under "ou=Computers", and with this setup, getpwnam() doesn't
> 	know nothing about the later[2]...
> 
> 	In fact, in smb.conf, you can set "ldap machine suffix = ou=Computers"
> 	as noted in the man page, but it seems samba doesn't use this setting...
Hi,

this is a long-standing "gotcha"; fortunately you can fix it. Look at 
the parameter "ldapsam:trusted" and friends in "man smb.conf".

cheers
  Paul


More information about the samba-technical mailing list