[Samba] Samba3.0beta1 as PDC with LDAP
Martin Sapsed
m.sapsed at bangor.ac.uk
Mon Jun 9 16:18:15 GMT 2003
Hannu Tikka wrote:
> > I finally got Samba-3.0beta1 as PDC with LDAP backend.
> > However, I need to specify:
> >
> > passdb backend = ldapsam smbpasswd:smbpasswd guest
> >
> > and have the root account's exists in smbpasswd file.
> > I still could not get a uid=root entry in LDAP to
> > allow client workstation to join the domain.
> >
> > When in samba-2.2.8a I could use a fake rid=506 with
> > uidNumber=0 entry in LDAP (as a SambaAccount) and it
> > worked fine. But even after converting this entry to
> > SambaSamAccount object with Jerry's conversambaAccount
> > script it would not allow client machines to join the
> > domain.
> >
> > Has anyone got a full LDAP based Samba PDC working
> > without the need to have a fallback smbpasswd for the
> > root account? What SambaSID will work for a root
> > account that allows client workstations to join the
> > domain?
>
> With pdbedit -L you can see rid's.
> I used it and got rid 0 with sambaSID: <domain sid>-1000. It might be
> that I have somewhere declared that SID's start at 1000 but I didn't
> found it in smb.conf so it might be default.
This follows from the idea that
rid = (uidNumber * 2) + 1000
doesn't it? That's certainly the formula I've used in alpha24 for root
and general users and it "works for me!" (TM)
Cheers,
Martin
--
Martin Sapsed
Information Services "Who do you say I am?"
University of Wales, Bangor Jesus of Nazareth
More information about the samba
mailing list