Samba OpenLDAP Domain issue

Andrew Bartlett abartlet at samba.org
Thu Jan 31 04:15:59 MST 2013


On Thu, 2013-01-31 at 09:57 +0400, 25Dollar Tech wrote:
> Hello Team,
> 
> I am using Samba 3.6.3 on Ubuntu as a file server, and I also have a
> domain controller in my organization; both are different servers.
> 
> I am able to register SAMBA as domain controller successfully, and I could
> see SAMBA Domain with SID populated in my OpenLDAP. But my problem is when
> I configure samba as file server. SAMBA is pulling the host name and
> registering to OpenLDAP as domain.
> 
> Example: my domain name is test.
> 
> My file server host name is fileserver01
> 
> I could see test and fileserver01 in my OpenLDAP with SID. Why is this
> happening, since this is just configured as a file server? Also, I do
> not have winbind configured on my file server. Below are my configuration
> details.

Your file server should be joined to the domain as a domain member
server, and not directly use passdb against the DC.

You should then use nss_winbind or nss_ldap to get consistent user and
group memberships with the DC.

By connecting your Samba file server to the DC, it is confused as to if
the password store in ldap, which it has full control of, should belong
to it or the DC, and the result will not be pretty.

Andrew Bartlett

-- 
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
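
Added example, not part of the original message and not Samba's own code: a small Python check that reads the `[global]` section of an smb.conf and flags the setup the reply warns about, a non-DC server sharing the DC's LDAP password store instead of being a domain member. It assumes the file server uses `passdb backend = ldapsam` against the DC's directory, which the post describes but does not show; the three configurations and the host `ldap.example.test` are constructed samples.

```python
# Constructed sample configurations (not the poster's real files).
DC_CONF = """
[global]
   workgroup = TEST
   netbios name = DC01
   domain logons = yes
   passdb backend = ldapsam:ldap://ldap.example.test
"""
FILESERVER_CONF = """
[global]
   workgroup = TEST
   netbios name = FILESERVER01
   passdb backend = ldapsam:ldap://ldap.example.test
"""
MEMBER_CONF = """
[global]
   workgroup = TEST
   netbios name = FILESERVER01
   security = domain
"""

def parse_global(text):
    """Return [global] parameters; Samba ignores case and spaces in names."""
    params, section = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue  # blank line or comment
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
        elif section == "global" and "=" in line:
            key, value = line.split("=", 1)
            params[key.replace(" ", "").lower()] = value.strip()
    return params

def audit(text):
    """Return findings for a server that is not a domain controller."""
    p = parse_global(text)
    if p.get("domainlogons", "no").lower() in ("yes", "true", "1"):
        return []  # the DC itself is expected to own the LDAP passdb
    findings = []
    if p.get("passdbbackend", "").lower().startswith("ldapsam"):
        findings.append("non-DC uses ldapsam: shares the DC's password store")
    if p.get("security", "user").lower() not in ("domain", "ads"):
        findings.append("not a domain member: set security = domain and join")
    return findings
```

Once the file server is switched to `security = domain`, the join itself is done with `net rpc join`.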




More information about the samba-technical mailing list