[Samba] Re: LDAP violation ?

Andrew Bartlett abartlet at samba.org
Thu Apr 22 09:08:48 GMT 2004


On Fri, 2004-04-09 at 23:39, Jerome Pramondon wrote:
> Andrew Bartlett wrote:
> > On Fri, Apr 09, 2004 at 02:17:33PM +0200, Jerome Pramondon wrote:
> >   
> > > ok, I knew I could it this way (that suppose I already have users in the 
> > > directory), but what if I want to have separate entries for users and 
> > > samba account in the directory ?
> > >     
> > Don't do this.  Firstly, there is no point - LDAP is about grouping
> > these things togeather, not spitting data apart - and secondly, you
> > can't take advantage of intergration features like this...
> Ok, so if I understand you clearly, your advise is :
> - first to have a user admin interface to put users in the directory
> (with inetOrgPerson to access to the userPassword attribute),
> - then use the smbpasswd command, which first look for the user in the
> directory then modify it to be Samba-ready.
> Am I right ?

Yes.

This is the correct way to add users, particularly when you have
external administrative applications, and additional user attributes.

Andrew Bartlett

-- 
Andrew Bartlett                                 abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team  abartlet at samba.org
Student Network Administrator, Hawker College   abartlet at hawkerc.net
http://samba.org     http://build.samba.org     http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20040422/278f5fdd/attachment.bin


More information about the samba mailing list