Fwd: Re: [Samba] smbpasswd fails to add machine account with ldapsam

Aaron Smith aaron at pandora-net.com
Tue Nov 18 14:08:42 GMT 2003


	This is only slightly connected, but since I've been meaning to send an
email about it ANYWAY, I figured I'd throw it in with this discussion. 
What *I* ran in to with the "ldap machine suffix" option for the
smb.conf file is that I had to enter the ENTIRE base name.  Is this by
design?  For example, if I had the following in my smb.conf:

ldap machine suffix = ou=Computers
ldap user suffix = ou=People
ldap group suffix = ou=Group
ldap suffix = dc=pandora-net,dc=com

	Then Samba would be unable to find ANYTHING in the ldap 
directory.  After looking at the ldap logs, I noticed that Samba was
trying to find People info with a base dn of JUST "ou=People".  It
wouldn't add the rest of the dn listed in the "ldap suffix" directive. 
I ended up having to enter the entire dn for each subgroup to get it to
work.  Does the order of the directives make a difference?  In other
words, would the above work if I had put the "ldap suffix" FIRST?

On Tue, 2003-11-18 at 07:51, Christoph Rudorff wrote:
>  
>  Also the samba documentation makes me wonder:
>  
>  "ldap machine suffix (G)
>          It specifies where machines should be added to the ldap tree."
>  
>  Ok, samba adds at the correct place but how about lookup? Even if I enter
>  some nonsense values to all suffixes, samba always ask "ou=People". 
>  
>  I guess its time for a bug report.
>  
> 
>  chris
> 
> `--------------- Weitergeleitete Nachricht (Ende)
-- 
-----------------------------------------
"The pain of war could not exceed, the woe 
	of aftermath.
The drums will shake the castle walls
The ringwraiths ride in black...."
	-Led Zeppelin "The Battle of Evermoore"




More information about the samba mailing list