[Samba] using LDAP and PDC together
Andrew Bartlett
abartlet at pcug.org.au
Fri Sep 6 02:22:01 GMT 2002
On Thu, 5 Sep 2002, Louis-David Mitterrand wrote:
>
> Hello,
>
> I am in the process of migrating to
>
> passdb backend = ldapsam
>
> on debian unstable with the latest 3.0pre samba package.
>
> All users have a ldap sambaAccount object which was added by hand after
> using migrationtools from padl.com. Testing auth with smbclient works
> fine, however when using samba as a PDC from WinXP I can't log into the
> domain as I used to when "passdb backend = smbpasswd". However adding
> the machine to the domain seems to work.
>
> I haven't dug very deep into the problem, at this point I am just
> wondering if there is any known issue with using LDAP and PDC
> functionalities together?
Not that I know of.
> Also in the sambaAccount ldap object I noticed a mandatory "rid" field.
> What does relative id mean? I populated the rid's with unix id's, is it
> a good or bad idea?
A very bad idea. Use the algorithm (uid*2+1000) to determine the RID for
users, or better still, use pdbedit's import/export function to migrate
the users - that way you get all this stuff done for free!
> Thanks in advance for your insight, cheers,
>
>
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
More information about the samba
mailing list