[Samba] LDAP IDMAP not working

ww m-pubsyssamba pubsyssamba at bbc.co.uk
Mon Nov 10 13:08:03 GMT 2003 

Hi all,

	anyone able to point out why I'm not able to get samba 3.0.0 to update my LDAP server with any idmap data? I'm using SunOne DS 5.2 LDAP server and the following entries in my smb.conf file,

	ldap admin dn = "uid=admin,ou=Administrators,ou=TopologyManagement,o=NetscapeRoot"
	ldap ssl = off
;	ldap suffix = "dc=testlan,dc=bbc,dc=co,dc=uk"	** have tried with this attribute on and off **
             winbind separator = +
             winbind cache time = 10
             template shell = /bin/sh
            ; template homedir = /home/%D/%U
	     idmap backend = ldap:ldap://bbcwwp-sun24.testlan.bbc.co.uk:389
	     ldap idmap suffix = ou=idmap,dc=testlan,dc=bbc,dc=co,dc=uk
	     ldap group suffix = ou=idmap,dc=testlan,dc=bbc,dc=co,dc=uk
	     ldap user suffix = ou=idmap,dc=testlan,dc=bbc,dc=co,dc=uk
	     ldap machine suffix = ou=idmap,dc=testlan,dc=bbc,dc=co,dc=uk
             idmap uid = 10000-20000
             idmap gid = 10000-20000
	winbind enum users = yes
	winbind enum groups = yes

I've successfully updated the schema with the samba bits and have tested the admin account specified in the smb.conf using ldapsearch. I've created both a root and admin account using smbpasswd with the correct password for the admin account (I wasn't clear which account should be used from the samba documentation). But my idmap OU is empty, and to be honest I can't even see any attempts to access the LDAP server from its access logs (excepting when testing using ldapsearch). Any help would be appreciated,

	thanks in advance, Andy.

BBCi at http://www.bbc.co.uk/

This e-mail (and any attachments) is confidential and may contain personal views which are not the views of the BBC unless specifically
stated.
If you have received it in error, please delete it from your system. Do not use, copy or disclose the information in any way nor act in
reliance on it and notify the sender immediately. Please note that the BBC monitors e-mails sent or received.
Further communication will signify your consent to this.

More information about the samba mailing list