[Samba] Re: Novell EDirectory as LDAP backend

[Rolf Offermanns]

Stefan Voelkel wrote:
>> Hi,
>> is anybody out there who is using Novell Edir. with samba?
> 
> 
> Yes, 8.6.3 on a RH 7.3 to be precise.
I am using 8.7 on RH 7.3.
> 
> Works pretty good. I have not yet tried to integrate cups but user 
> authentification (unix login) is done via pam_ldap, i just have some 
> problems getting password syncronisation running, users can alt-ctrl-del 
> an change their windows password, but I want to set the user unix 
> password too.

That works for me, too.
Concerning the passwd sync, have a look at the
passwd program, passwd chat and unix passwd sync
options in smb.conf.

That did it for me with the smbldap-passwd.pl script from the 
exampled/LDAP directory in the 2.2.7a tar ball.

> 
>> The only thing that does not work is to ldapadd or ldif import users 
>> with objectClass sambaAccount.
> 
> 
> sambaAccount is an auxiliary class, i think you do need a real object 
> class (like user). Take a look with the Schema Manager (ConsoleOne) at 
> the user class, and the needed attributes (IIRC there are 4).

I have a real object. Are you able to add/import a user object with 
sambaAccount on your system? If so, can you provide a working ldif 
sample that works for you.

I have tried the following w/o success.
Create a working posixAccount/sambaAccount user with c1. Export it using 
the export wizard. Delete the object and try to reimport it.
-> object class violation

> 
>> Adding posixAccount users and then adding the sambaAccount objectClass 
>> via Novells "ConsoleOne" works, so I guess this is a edir. specific 
>> problem which is OT here.
> 
> 
> Check out the Novell News Servers, one is at:
>     
>     support-forums.novell.com

I did that, too, but haven't got an answer so far.

-Rolf