[Samba] Re: Groupmap problem

Danny Paul jdpaul at gocolumbiamo.com
Mon Dec 27 18:02:03 GMT 2004


>         ldap passwd sync = Yes
>         ldap delete dn = yes
>         ldap suffix = dc=ZahidTractor,dc=com
>         ldap user suffix = dc=zahidtractor,dc=com
>         ldap group suffix = dc=zahidtractor,dc=com
>         ldap group suffix = dc=zahidtractor,dc=com
>         ldap machine suffix = ou=Computers
First of all, you have two group suffix directives, when you should only
have one.  Beyond that, they are both incorrect, along with the user and
machine suffixes.

The group suffix, along with machine suffix, user suffix, etc are additive
to the ldap suffix.  Your config should look something like this:


       ldap group suffix = ou=group
       ldap idmap suffix = ou=Idmap
       ldap machine suffix = ou=people
       ldap suffix = dc=zahidtractor,dc=com

This causes the context of the group to be ou=group,dc=zahidtractor,dc=com.

Also, the Machines and Users must be stored in the same OU.  It appears that
you have users stored in one OU and Computers stored in another OU.  I
don't believe this is supported right now.  (I believe this is because PAM
will only search one OU for a UNIX user instead of multiples.)

Please reply to this thread instead of my email address.

Happy Holidays!





More information about the samba mailing list