[Samba] Ldap ACL for PDC

RRuegner robert at ruegner.org
Fri Feb 27 15:34:19 GMT 2004

normally every client  ( samba etc ) needs only
read access cause this will enough to get the needed
data, but if you wanna add users with perl scripts
or usrmgr you need to have write access to ldap for sure.
This normally done with the admin ( root manager )account. smbpasswd -w
"secret" stores in secret.tdb
But that is not general, you can configure ldap to varia
read write rights ( see man ldap )
so it depends on you how you configure it.
I recommend to use the "manager" account for smb
to keep things simple , but if youre good coder
serveral setups are thinkable.
----- Original Message ----- 
From: "Adam Williams" <adam at morrison-ind.com>
To: <samba at lists.samba.org>
Sent: Friday, February 27, 2004 2:59 PM
Subject: Re: [Samba] Ldap ACL for PDC

> > What operation will be performed by samba PDC/BDC to ldap server? Is all
operation will always bind as ldap admin dn or anonymously?
> If an administrative bind is specified it seems to always use that.
> Don't forget that it needs to add objectclasses to prexisting objects.
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  http://lists.samba.org/mailman/listinfo/samba

More information about the samba mailing list