[Samba] Re: Novell EDirectory as LDAP backend
Stefan.Voelkel at millenux.com
Stefan.Voelkel at millenux.com
Fri Feb 21 10:56:26 GMT 2003
> > Yes, 8.6.3 on a RH 7.3 to be precise.
> I am using 8.7 on RH 7.3.
> >
> > Works pretty good. I have not yet tried to integrate cups but user
> > authentification (unix login) is done via pam_ldap, i just have some
> > problems getting password syncronisation running, users can alt-ctrl-del
> > an change their windows password, but I want to set the user unix
> > password too.
>
> That works for me, too.
> Concerning the passwd sync, have a look at the
> passwd program, passwd chat and unix passwd sync
> options in smb.conf.
Since I use eDirectory with ldap to authenticate users login into the machine,
I wanted to use the
pam password change = true
setting, but I can not change passwords (even with passwd) at all:
LDAP password information update failed: DSA is unwilling to perform
but that looks like an eDirectory or EPERM problem.
> >> The only thing that does not work is to ldapadd or ldif import users
> >> with objectClass sambaAccount.
> >
> >
> > sambaAccount is an auxiliary class, i think you do need a real object
> > class (like user). Take a look with the Schema Manager (ConsoleOne) at
> > the user class, and the needed attributes (IIRC there are 4).
>
> I have a real object. Are you able to add/import a user object with
> sambaAccount on your system? If so, can you provide a working ldif
> sample that works for you.
The 2.2.7 smbldap-*.pl scripts do not work for me too. I appended a diff from
a working version.
> I have tried the following w/o success.
> Create a working posixAccount/sambaAccount user with c1. Export it using
> the export wizard. Delete the object and try to reimport it.
> -> object class violation
Ok that is rather odd ;)
--
--------------------------------------------------------------------
Stefan Völkel stefan.voelkel at millenux.com
Millenux GmbH mobile: +49.170.79177.17
Lilienthalstraße 2 phone: +49.711.88770.300
70825 Stuttgart-Korntal fax: +49.711.88770.349
-= linux without limits -=- http://linux.zSeries.org/ =-
-------------- next part --------------
--- smbldap-useradd.pl Thu Feb 13 15:25:59 2003
+++ /usr/share/doc/samba-2.2.7a/examples/LDAP/smbldap-tools/smbldap-useradd.pl Wed Dec 11 10:17:23 2002
@@ -1,7 +1,5 @@
#!/usr/bin/perl
-# $Id: smbldap-useradd.pl,v 1.23 2002/07/24 11:51:35 gmacinen Exp $
-#
# This code was developped by IDEALX (http://IDEALX.org/) and
# contributors (their names can be found in the CONTRIBUTORS file).
#
@@ -159,7 +157,7 @@
$userName .= "\$";
}
- print "About to create machine $userName:\n";
+ #print "About to create machine $userName:\n";
if (!add_posix_machine ($userName, $userUidNumber, $userGidNumber)) {
die "$0: error while adding posix account\n";
@@ -196,10 +194,10 @@
my $tmpldif =
"dn: uid=$userName,$usersdn
-objectclass: inetOrgPerson
+objectclass: top
+objectclass: account
objectclass: posixAccount
cn: $userName
-sn: $userName
uid: $userName
uidNumber: $userUidNumber
gidNumber: $userGidNumber
@@ -271,7 +269,8 @@
my $tmpldif =
"dn: uid=$userName,$usersdn
changetype: modify
-objectClass: inetOrgPerson
+objectclass: top
+objectclass: account
objectclass: posixAccount
objectClass: sambaAccount
pwdLastSet: 0
More information about the samba
mailing list