[Samba] Win2k, Samba 2.2.5 and LDAP

Eddie Lania e.lania at elton.nl
Thu Jul 25 23:47:04 GMT 2002 

Hello again Peter,

You do have to add a "ou=Computers" tree to your ldap in which all the
computer accounts can be stored.
This is how Idealix preferres to do it.
Have you checked out their website yet? http://samba.idealix.org
I really advise you to do so in order to retrieve their latest smb-ldap
package.

Basically, my ldap tree looks like this:

ou=Users
ou=Groups
ou=Computers

Good luck!

Eddie.


----- Original Message -----
From: <drgn65 at ufl.edu>
To: "Eddie Lania" <e.lania at elton.nl>
Cc: <samba at lists.samba.org>
Sent: Thursday, July 25, 2002 2:41 PM
Subject: RE: [Samba] Win2k, Samba 2.2.5 and LDAP


> Hi Eddie,
>
> Thanks for the great advice, I'll try that this morning.  One thing
though,
> that I am sort of confused about. You wrote "... one time as a user in the
> Users tree and also as a computer in the Computers tree." Currently I only
> have a "ou=People" tree in my LDAP server.  Do I need to add a
> "ou=Computers" tree in my LDAP server?  If so, does this change my
smb.conf?
> Currently I have search ldap suffix = "ou=People,dc=lifesafety,dc=net"
>
> Thanks for the help!
> -Peter
>
> -----Original Message-----
> From: Eddie Lania [mailto:e.lania at elton.nl]
> Sent: Thursday, July 25, 2002 3:19 AM
> To: drgn65 at ufl.edu
> Cc: samba at lists.samba.org
> Subject: Re: [Samba] Win2k, Samba 2.2.5 and LDAP
>
>
> Hi ?,
>
> I have had the same problem a while ago.
>
> After downloading and installing the smbldap tools, I modified the
> smbldap-conf.pm according to my own needs.
> Pay special attention to the group (number) parameter for the computers in
> the ldap tree and smbldap-conf.pm, and the location of your smbpasswd
> program (/usr/local/samba/bin/smbpasswd).
>
> You also need to add the computers group (102 in my case) to the
/etc/group
> file.
>
> domwks:x:102:
>
> I added the parameter "add user script =
> /usr/local/sbin/smbldap-useradd.pm -g 102 -w %u" to my smb.conf.
> I restarted the smb and nmb services.
>
> After that I was able to succesfully add a win2k/xpclient pc to the
domain.
> Later I noticed that the client pc was added to /etc/password AND it was
> added twice to my ldap tree, one time as a user in the Users tree and also
> as a computer in the Computers tree.
> This makes sence to me since samba (smbpasswd) needs to find the pc in the
> /etc/passwd file but the authentication is also done to the ldap database.
>
> Look for the Softerra ldap browser and Administrator, they are helpfull
> tools!
>
> I hope this works for you too?
>
> Greetings,
>
> Eddie.

More information about the samba mailing list