[Samba] Re: samba (2.2.7a) + openldap (2.0.x)
C.Lee Taylor
leet at leenx.co.za
Fri Jan 10 08:21:02 GMT 2003
Buchan Milne wrote:
> OK, I stayed a bit late, waiting for things to finish compiling etc ...
You should not work that hard ... ;-)
> and did some tests. It seems to work. What I did was just point the
> production DC at a slave server, and then
Kewl ...
> 1)try and change my password
> a)while both ldap servers were running (works)
Great ... did you watch the traffic follow by any chance ...
> b)while only the slave is running (doesn't work)
That should not, at least not by the standards that I understand that
LDAP replcia works ...
> c)while only the master is running (doesn't work)
That should work, but I think that might be a smb.conf thing ...
> 2)connect to my homes share
> a)while both servers were running (works)
> b)while only the slave was running (works)
> c)while only the master is running (doesn't work)
Same as the above ...
> So, it seems to be all correct, but it would be nice to have ldap
> failover (multiple ldap servers listed in smb.conf?), but not absolutely
> necessary. Now our WAN setup should work!
This is how I intend it to work, but have not finish testing ...
> And, I also seem to not be able to have machine accounts created by
> samba. I lost the (samba) log now, but while I had smbcontrol'ed the
> smbd handling my domain join, I saw an ldap search string something like
> this:
>
> (&(uid=machine_)(objectclass=sambaAccount))
>
> where it should have been like this:
> (&(uid=machine$)(objectclass=sambaAccount))
This I am not certain about this ... but I would think it better to use
LDAP scripts to add the accounts, which I think IDXP or something like
that does have ... remember, if you use the normal way, Samba is tring
to add an account into passwd and shadow, which will not work ...
> Without the LDAP entry in the server, I got a "No mapping was done
> between .... etc " error on the client.
Do you have the LDAP enter at all ...
> I also had a local machine account (in passwd) at which time I did not
> get the error AFAICR, but it failed to join.
Mmm, I have had problems when there is an account already ... something
fails ... I do remember somework in Head to get around this, but not in 2.2
> I was hoping to release 2.2.7a RPMs for Mandrake now, but they can't
> ship like this ...
I have made some RPMs for RedHat 8.0, which is what I am about to test,
and I see Herb Lewis has sent me a patch for the autoconf check, which I
have not looked at yet either ... but I am hoping this can all come
together soon ...
Good Luck ...
Mailed
Lee
More information about the samba
mailing list