[Samba] Samba-LDAP with custom object class

Matthieu Turpault matthieu.turpault at comelis.fr
Mon Sep 23 10:15:01 GMT 2002


Hello,

First, excuse me if this message is not on the right mailing list: I have not found a samba-ldap forum.
I am trying to use Samba-LDAP with my own object class, but I cannot manage to use an attribute other than 'uid' for the user ID.

Here is my objectClass:
--------------- myClass.schema -----------------------------------
attributeType ( 1.3.6.1.4.1.13460.1.18.1
        NAME     'login'
        DESC     'login used by linux'
        EQUALITY caseIgnoreMatch
        SUBSTR   caseIgnoreSubstringsMatch
        SYNTAX   1.3.6.1.4.1.1466.115.121.1.15{256} )

objectClass ( 1.3.6.1.4.1.13460.2.18.1
        NAME   'myPerson'
        SUP    TOP
        STRUCTURAL
        MUST   ( login ) )
-----------------end - myClass -------------------------------
         
My smb.conf is the following one (only an extract):
------------------ smb.conf -----------------------------
    ldap admin dn = "cn=manager,id=1"
    ldap server = 10.0.1.10
    ldap ssl = off
    ldap port = 389
    ldap suffix = "id=1.3.3,id=1.3,id=1"  
    ldap filter = "(&(login=%u)(objectclass=sambaAccount))"              
------------------ end - smb.conf ---------------------

The file /etc/ldap.conf:
------------------- ldap.conf -----------------------
          pam_login_attribute uid
          pam_filter objectclass=myPerson       
------------ end - ldap.conf ----------------------


The file /etc/nsswitch.conf (on the directory server and on the Samba server):
----------- nsswitch.conf --------------------
nss_base_passwd	id=1.3.3,id=1.3,id=1
nss_base_shadow	id=1.3.3,id=1.3,id=1

nss_map_attribute    uid     login
nss_map_attribute    userid  login
---------- end - nsswitch.conf ------------
              

And my person:
----------- myperson.ldif ------------------
dn: uid=FR750034,id=1.3.3,id=1.3,id=1
loginShell: /bin/bash
objectClass: myPerson
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: sambaAccount
objectClass: account
objectClass: posixAccount
objectClass: top
objectClass: qmailUser
sn: Smith
gidNumber: 100
gecos: Teddy Smith
uidNumber: 502
login: ted
mail: teddy.smith at zoo.com
qmailUID: 502
qmailGID: 100
givenName: teddy
homeDirectory: /homes/teddy
uid: FR750034
logonTime: 0
cn:: TWF0dGhpZXUgVHVycGF1bHQg
rid: 103
primaryGroupID: 103
-------- end - myperson.ldif -------------



When I try to open a home directory with a Windows client, an authentication request is displayed, but it comes back after each test.
The log file of the directory:


---------- Log file of Openldap -----------
Sep 23 12:08:44 therese slapd[1745]: conn=164 op=51 SEARCH RESULT tag=101 err=0 text=
Sep 23 12:08:44 therese slapd[1833]: conn=164 op=52 SRCH base="id=1.3.3,id=1.3,id=1" scope=2 filter="(&(objectClass=posixAccount)(login=ted))"
Sep 23 12:08:44 therese slapd[1833]: conn=164 op=52 SEARCH RESULT tag=101 err=0 text=
Sep 23 12:08:44 therese slapd[1731]: daemon: conn=268 fd=23 connection from IP=10.0.1.12:32921 (IP=0.0.0.0:34049) accepted.
Sep 23 12:08:44 therese slapd[1736]: conn=268 op=0 BIND dn="CN=MANAGER,ID=1" method=128
Sep 23 12:08:44 therese slapd[1736]: conn=268 op=0 RESULT tag=97 err=0 text=
Sep 23 12:08:44 therese slapd[2330]: conn=268 op=1 SRCH base="id=1.3.3,id=1.3,id=1" scope=2 filter="(&(login=ted)(objectClass=sambaAccount))"
Sep 23 12:08:44 therese slapd[2330]: conn=268 op=1 SEARCH RESULT tag=101 err=0 text=
Sep 23 12:08:44 therese slapd[2331]: conn=164 op=53 SRCH base="id=1.3.3,id=1.3,id=1" scope=2 filter="(&(objectClass=posixAccount)(login=FR750034))"
Sep 23 12:08:44 therese slapd[2331]: conn=164 op=53 SEARCH RESULT tag=101 err=0 text=
Sep 23 12:08:44 therese slapd[1745]: conn=268 op=2 UNBIND
Sep 23 12:08:44 therese slapd[1745]: conn=-1 fd=23 closed
Sep 23 12:08:44 therese slapd[1731]: daemon: conn=269 fd=23 connection from IP=10.0.1.12:32922 (IP=0.0.0.0:34049) accepted.
Sep 23 12:08:44 therese slapd[1833]: conn=269 op=0 BIND dn="CN=MANAGER,ID=1" method=128
Sep 23 12:08:44 therese slapd[1833]: conn=269 op=0 RESULT tag=97 err=0 text=
Sep 23 12:08:44 therese slapd[1731]: deferring operation
Sep 23 12:08:44 therese slapd[1736]: conn=269 op=1 SRCH base="id=1.3.3,id=1.3,id=1" scope=2 filter="(&(login=ted)(objectClass=sambaAccount))"
Sep 23 12:08:44 therese slapd[1736]: conn=269 op=1 SEARCH RESULT tag=101 err=0 text=
Sep 23 12:08:44 therese slapd[2330]: conn=164 op=54 SRCH base="id=1.3.3,id=1.3,id=1" scope=2 filter="(&(objectClass=posixAccount)(login=FR750034))"
Sep 23 12:08:45 therese slapd[2330]: conn=164 op=54 SEARCH RESULT tag=101 err=0 text=
Sep 23 12:08:45 therese slapd[2331]: conn=269 op=2 UNBIND
Sep 23 12:08:45 therese slapd[1745]: conn=164 op=55 SRCH base="id=1.3.3,id=1.3,id=1" scope=2 filter="(&(objectClass=posixAccount)(login=ted))"
Sep 23 12:08:45 therese slapd[2331]: conn=-1 fd=23 closed
Sep 23 12:08:45 therese slapd[1745]: conn=164 op=55 SEARCH RESULT tag=101 err=0 text=
--------end- Log file of Openldap -----------


The directory /homes/ted exists and is owned by mat.users.

Do you have a clue?

Thanks in advance


Matthieu
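
An added example, not part of the original post: a small Python parser for the slapd log format shown above that groups operations per connection and lists which `login` values each client searched for. The sample lines are copied from the post's log excerpt; the function and variable names are this example's own.

```python
import re
from collections import defaultdict

# Lines copied from the slapd log excerpt in the post (a subset, for brevity).
SAMPLE_LOG = """\
Sep 23 12:08:44 therese slapd[1833]: conn=164 op=52 SRCH base="id=1.3.3,id=1.3,id=1" scope=2 filter="(&(objectClass=posixAccount)(login=ted))"
Sep 23 12:08:44 therese slapd[1833]: conn=164 op=52 SEARCH RESULT tag=101 err=0 text=
Sep 23 12:08:44 therese slapd[1736]: conn=268 op=0 BIND dn="CN=MANAGER,ID=1" method=128
Sep 23 12:08:44 therese slapd[2330]: conn=268 op=1 SRCH base="id=1.3.3,id=1.3,id=1" scope=2 filter="(&(login=ted)(objectClass=sambaAccount))"
Sep 23 12:08:44 therese slapd[2330]: conn=268 op=1 SEARCH RESULT tag=101 err=0 text=
Sep 23 12:08:44 therese slapd[2331]: conn=164 op=53 SRCH base="id=1.3.3,id=1.3,id=1" scope=2 filter="(&(objectClass=posixAccount)(login=FR750034))"
Sep 23 12:08:44 therese slapd[2331]: conn=164 op=53 SEARCH RESULT tag=101 err=0 text=
"""

OP_RE = re.compile(r"conn=(-?\d+) op=(\d+) (.*)$")
BIND_RE = re.compile(r'BIND dn="([^"]*)"')
SRCH_RE = re.compile(r'SRCH base="([^"]*)" scope=\d+ filter="([^"]*)"')
RESULT_RE = re.compile(r"RESULT tag=\d+ err=(\d+)")
TERM_RE = re.compile(r"\(([A-Za-z][\w;-]*)=([^()]*)\)")  # simple (attr=value) items

def summarize(log_text):
    """Group slapd operations by connection: bind DN plus each search and its result code."""
    conns = defaultdict(lambda: {"bind_dn": None, "searches": []})
    pending = {}  # (conn, op) -> search record still waiting for its RESULT line
    for line in log_text.splitlines():
        m = OP_RE.search(line)
        if not m:
            continue  # e.g. "daemon: ... accepted" or "conn=-1 fd=23 closed"
        conn, op, rest = int(m.group(1)), int(m.group(2)), m.group(3)
        if (b := BIND_RE.match(rest)):
            conns[conn]["bind_dn"] = b.group(1)
        elif (s := SRCH_RE.match(rest)):
            terms = {a.lower(): v for a, v in TERM_RE.findall(s.group(2))}
            rec = {"op": op, "filter": s.group(2), "terms": terms, "err": None}
            conns[conn]["searches"].append(rec)
            pending[(conn, op)] = rec
        elif (r := RESULT_RE.search(rest)) and (conn, op) in pending:
            # err=0 means the search completed; these lines carry no entry count.
            pending.pop((conn, op))["err"] = int(r.group(1))
    return dict(conns)

def values_searched(summary, attr):
    """Per connection, the distinct values searched for `attr`, in the order seen."""
    out = {}
    for conn, info in summary.items():
        vals = [s["terms"][attr.lower()] for s in info["searches"] if attr.lower() in s["terms"]]
        if vals:
            out[conn] = list(dict.fromkeys(vals))
    return out
```

On the sample lines, `values_searched(summarize(SAMPLE_LOG), "login")` shows the connection bound as `CN=MANAGER,ID=1` searching only `login=ted`, while connection 164 searches both `login=ted` and `login=FR750034`.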


