[Samba] Novell EDirectory as LDAP backend

Bruno Gimenes Pereti pereti at ump.edu.br
Mon Feb 17 14:55:52 GMT 2003


Hi Rolf,

I spent a long time last year trying to use Edirectory with Samba but I
didn't get it working. That file in the tar ball is a translation I did from
samba.schema to the syntax of the ndssch program that is installed with
Edir 8.6.2 for linux. The SyntaxID error is probably my mistake. I didn't
get your file attached and I think you should send it to Jerry to update it
in the CVS tree.
I stopped working with that and now I'm using OpenLDAP but I remember that
the object "Account" was missing in the rfc2307-usergroup.sch that comes
with the Edir for linux.

I suppose the user that you are using in the ldapclient and samba has the
right privilege to insert and alter information in your Edir. What are the
messages in your log file?

Bruno Gimenes Pereti.


----- Original Message -----
From: "Rolf Offermanns" <rolf.offermanns at gmx.net>
Subject: [Samba] Novell EDirectory as LDAP backend


> Hi,
> is anybody out there who is using Novell Edir. with samba?
>
> I have searched the archive and found some random notes but no real
> success story.
>
> Here is what I have achieved so far. Maybe someone can give me some hints.
>
> I have tried the samba-nds.schema that comes with the 2.2.7a tar ball.
> While I was able to import/add it to EDir. it did not work for me,
> because the "lmPassword" and "ntPassword" attributes had a SyntaxID of
> "SYN_INTEGER" which I think is wrong, because samba tries to store some
> hex.Strings in these attributes. After changing them to "SYN_CI_STRING"
> I was able to authenticate against edir.
>
> The only thing that does not work is to ldapadd or ldif import users
> with objectClass sambaAccount.
>
> Adding posixAccount users and then adding the sambaAccount objectClass
> via Novell's "ConsoleOne" works, so I guess this is an edir. specific
> problem which is OT here.
>
> So right now, I can manually add machine and user accounts, join (W2K)
> clients to the samba domain and log in as a user. Changing passwords
> works, too.
>
> I have attached the modified schema file.
>
> Can anyone give me a hint about adding users w/o using ConsoleOne?
> Setting this up with openldap was no problem at all, btw, but I have to
> use edirectory, because my university wants it that way.
>
> Any help is greatly appreciated,
> -Rolf


