[Samba] ldap configuration oddity
Patrick W. Riehecky
prieheck at iwu.edu
Fri Dec 3 17:14:01 GMT 2004
Hey, I am totally confused/lost/confused getting this config working.
I am trying to get samba to authenticate against LDAP. After reading a
bunch of docs I generated the config at the end.
When I run testparm against it I get:
Load smb config files from /etc/samba/smb.conf
Unknown parameter encountered: "ldap server"
Ignoring unknown parameter "ldap server"
and then the rest of my config file INCLUDING
passdb backend = ldapsam:ldaps://accounts.iwu.edu
I would suspect that LDAP support is not compiled in for this binary,
except then testparm should complain a bit more about all my LDAP
config settings, not just the ldap server setting. Furthermore, I am
using Fedora's rpm, and I think that they would either offer a LDAP
enabled rpm or enable it themselves - I cannot locate a rpm that states
that it is LDAP enabled, so my guess is the former.
I am using Samba version 3.0.9-1.fc3 for Fedora Core 3.
Here is my config file.
your thoughts?
--------
[global]
server string = %h (Samba %v)
log file = /var/log/samba/log.%m
log level = 5
max log size = 100
dns proxy = No
socket options = IPTOS_LOWDELAY TCP_NODELAY
security = user
obey pam restrictions = Yes
encrypt passwords = Yes
default = homes
load printers = No
show add printer wizard = No
max disk size = 300
invalid users = root @wheel @root
wide links = No
hide unreadable = Yes
hide special files = Yes
veto files = /,/proc,/dev,/sys,/etc,/boot,/lib,/home
dont descend = /,/proc,/dev,/sys,/etc,/boot,/lib,/home
ldap server = accounts.iwu.edu
ldap admin dn = "cn=foo,ou=bar,dc=iwu,dc=edu"
ldap suffix = dc=iwu,dc=edu
ldap ssl = start tls
ldap delete dn = No
ldap filter = (&(uid=%u)(objectclass=sambaSamAccunt))
idmap backend = ldap:ldap://accounts.iwu.edu
ldap user suffix = ou=foo
ldap group suffix = ou=bar
passdb backend = ldapsam:ldaps://accounts.iwu.edu
ldap passwd sync = Yes
[homes]
comment = %S's Home Directory
valid users = %S
browseable = no
read only = no
----------------------
More information about the samba
mailing list