[Samba] Win2k, Samba 2.2.5 and LDAP

[drgn65 at ufl.edu]

Hi Eddie,

Thanks for the great advice, I'll try that this morning.  One thing though,
that I am sort of confused about. You wrote "... one time as a user in the
Users tree and also as a computer in the Computers tree." Currently I only
have a "ou=People" tree in my LDAP server.  Do I need to add a
"ou=Computers" tree in my LDAP server?  If so, does this change my smb.conf?
Currently I have search ldap suffix = "ou=People,dc=lifesafety,dc=net"

Thanks for the help!
-Peter

-----Original Message-----
From: Eddie Lania [mailto:e.lania at elton.nl]
Sent: Thursday, July 25, 2002 3:19 AM
To: drgn65 at ufl.edu
Cc: samba at lists.samba.org
Subject: Re: [Samba] Win2k, Samba 2.2.5 and LDAP


Hi ?,

I have had the same problem a while ago.

After downloading and installing the smbldap tools, I modified the
smbldap-conf.pm according to my own needs.
Pay special attention to the group (number) parameter for the computers in
the ldap tree and smbldap-conf.pm, and the location of your smbpasswd
program (/usr/local/samba/bin/smbpasswd).

You also need to add the computers group (102 in my case) to the /etc/group
file.

domwks:x:102:

I added the parameter "add user script =
/usr/local/sbin/smbldap-useradd.pm -g 102 -w %u" to my smb.conf.
I restarted the smb and nmb services.

After that I was able to succesfully add a win2k/xpclient pc to the domain.
Later I noticed that the client pc was added to /etc/password AND it was
added twice to my ldap tree, one time as a user in the Users tree and also
as a computer in the Computers tree.
This makes sence to me since samba (smbpasswd) needs to find the pc in the
/etc/passwd file but the authentication is also done to the ldap database.

Look for the Softerra ldap browser and Administrator, they are helpfull
tools!

I hope this works for you too?

Greetings,

Eddie.