[Samba] Samba 3.0 + LDAP
Gonzalo Servat
gonzalo at unixpac.com.au
Tue May 28 21:18:02 GMT 2002
On Tue, 2002-05-28 at 18:10, abartlet at samba.org wrote:
> On Tue, May 28, 2002 at 10:09:12AM +1000, Gonzalo Servat wrote:
> > Hi All
> >
> > I've compiled Samba 3.0 alpha 17 using --with-ldapsam. In smb.conf I've
> > got:
> >
> > passdb backend = ldapsam
> > ldap admin dn = "cn=Manager,o=Sambatest,c=AU"
> > ldap suffix = c=AU
> > ldap ssl = off
> >
> > ... and the admin dn password is in the secrets.tdb file.
> >
> > Other than missing an "n" in "backend", :), is there anything clearly
> > wrong with my setup? Am I missing a configuration directive in smb.conf?
>
> You need to set that to 'passdb backend= ldapsam:ladp://ldap.server:port
Ah ha! Thanks. That did it...
Another question. I've mapped the group 'domadm' (using smbgroupedit) to
'Domain Admins'. In my /etc/group, I have:
domadm: smbadmin
... and smbadmin is a user in the LDAP tree. I've confirmed that I can
successfully map a share on the samba server using smbadmin.
I tried to join my samba domain (it's a Win2k box) and I get prompted
for a login/password of a user that has enough privileges to join the
domain. I entered 'smbadmin' and the password and I get 'Access is
denied'. I noticed in the logs that it tries various combinations of the
name 'smbadmin' before giving up with this error:
Get_Pwnam didn't find a valid username!
The combinations are uppercase/lowercase. The username is
DOMAIN\smbadmin though. Shouldn't it just be 'smbadmin' ?
Should it be auto-creating the computer account in the LDAP tree when I
try to join the domain or should I be creating the computer account
manually?
Thanks in advance!
Regards,
Gonzalo.
> > I've had Samba 2.2.x working with LDAP but I guess things have changed
> > in 3.0.
>
> Yes, I have changed a few things. We may change them again - if I can come
> up with a better way to express this stuff.
>
> Andrew Bartlett
More information about the samba
mailing list