[Samba] using LDAP and PDC together

Andrew Bartlett abartlet at pcug.org.au
Fri Sep 6 02:22:01 GMT 2002


On Thu, 5 Sep 2002, Louis-David Mitterrand wrote:

> 
> Hello,
> 
> I am in the process of migrating to
> 
> passdb backend = ldapsam
> 
> on debian unstable with the latest 3.0pre samba package. 
> 
> All users have a ldap sambaAccount object which was added by hand after
> using migrationtools from padl.com. Testing auth with smbclient works
> fine, however when using samba as a PDC from WinXP I can't log into the
> domain as I used to when "passdb backend = smbpasswd". However adding
> the machine to the domain seems to work.
> 
> I haven't dug very deep into the problem, at this point I am just
> wondering if there is any known issue with using LDAP and PDC
> functionalities together?

Not that I know of.

> Also in the sambaAccount ldap object I noticed a mandatory "rid" field.
> What does relative id mean? I populated the rid's with unix id's, is it
> a good or bad idea?

A very bad idea.  Use the algorithm (uid*2+1000) to determine the RID for 
users, or better still, use pdbedit's import/export function to migrate
the users - that way you get all this stuff done for free! 

> Thanks in advance for your insight, cheers,
> 
> 

-- 
Andrew Bartlett                                 abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team  abartlet at samba.org
Student Network Administrator, Hawker College   abartlet at hawkerc.net
http://samba.org     http://build.samba.org     http://hawkerc.net




More information about the samba mailing list