[Samba] Re: Re: Re: Trying to configure a SAMBA 3 PDC with OpenLDAP

Sundaram Ramasamy sun at percipia.com
Mon Jan 12 21:02:56 GMT 2004


Curtis Grote,

I have the same configuration, what you have. I am storing computer under
ou=People tree.

1. when you add machine account using smbldap-useradd -a -w <machine
name>. it will create only postfix entry. while adding machine it
willcreate sambaSamAccount entry.

2. I didn't use the perl command to install perl LDAP module.

perl -MCPAN -e 'install  Bunle::Net::LDAP'

For computer account storage, we need to ask samba develoment list.

Thanks
SR

>>>
> Sundaram,
> I am using SuSE 8.2 and Samba 3.0.2pre1. I just re-populated  using
> smbladp-populate and tried to
> add a machine account (under 'computers'). The machine account is added
> OK, but the subsequent lookup is still searching under 'People'.  The
> machine account add function does not, however add a 'sambaSamAccount
> entry, even though my machine account script line includes a '-a'.  I
> would also like to use 'computers' as this seems to be a lot cleaner way
> to seperate entities, but I too would like some idea as to how close this
> is to being fixed. The other angle I would like to pursue is if we are
> experiencing some problems because of some distribution unique
> configuration. Did you have to perform a 'perl -MCPAN -e 'install
> Bunle::Net::LDAP' in order to get the smbldap-tools to work? I am
> wondering if that what is causing me to experience some problems which
> others do not seem to have.
> Here are some pertinent lines from my smb.conf:
>
> passdb backend = ldapsam:ldap://kemosabe.pmmc.com
> ldap admin dn="cn=admin,dc=pmmc,dc=com"
> ldap ssl = off
> ldap delete dn = no
> ldap passwd sync = yes
> ldap suffix = dc=pmmc,dc=com
> ldap user suffix = ou=People
> ldap group suffix = ou=Groups
> ldap machine suffix = ou=Computers
> ldap filter = "(&(uid=%u)(objectclass=sambaSamAccount))"
> ldap idmap suffix = dc=pmmc,dc=com
>
> passwd program = /home/sambaldap/smbldap-passwd.pl '%u'
> passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n
> *passwd:*all*authentication*tokens*updated*successfully*
>
> add user script = /home/sambaldap/smbldap-useradd.pl -a -F
> \\%L\profiles\%u %u
> delete user script = /home/sambaldap/smbldap-userdel.pl '%u'
> add group script = /home/sambaldap/smbldap-groupadd.pl '%g'
> delete group script = /home/sambaldap/smbldap-groupdel.pl '%g'
> add user to group script = /home/sambaldap/smbldap-groupmod.pl -m '%u'
> '%g'
> delete user from group script = /home/sambaldap/smbldap-groupmod.pl -x
> '%u' '%g'
> set primary group script = /home/sambaldap/smbldap-usermod.pl -g '%g' '%u'
> add machine script = /home/sambaldap/smbldap-useradd.pl -a -w -d /dev/null
> -g 553 -c 'Machine Account' -s /bin/false %m
>
> Curtis Grote
> Memorial Hospital
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  http://lists.samba.org/mailman/listinfo/samba
>



More information about the samba mailing list