[Samba] Re: My story installing Samba-LDAP PDC (it has a happy ending)

Vegeta lord.vegeta at ica.luz.ve
Thu Jan 15 03:47:34 GMT 2004 

Craig White wrote:

> On Wed, 2004-01-14 at 19:13, Vegeta wrote:
> 
>> I expect this story could help others trying to do the same I am doing.
>> The next battle will be configuring a BDC, but that will be another day.
>> 
> --
> The truth is, with 3.0.0 on RH AS 3, I got it running, ldap backend,
> with a BDC and master/slave LDAP servers. It was hard.
> 
Ouch.

> The documentation in the How-to is sufficient. But it seems more like an
> extended man page than a how-to. The problem is that there are so many
> different ways these tools are used that there is absolutely no way the
> documentation can have the exact instructions for what you are trying to
> set up.
> 
Maybe you are right. But the documentation does have mistakes when it comes
to LDAP. Most of the information is correct and you are right it does look
more like an extended man page (although the smb.conf man page is very very
useful).

> John is apparently writing a book of example setups - which might be
> what you are looking for.
> 
Probably. But at least I finally reached my first goal. Since BDC support
was inexistent in Samba 2.2.x probably all the documentation applies to
3.0.x.

> The truth of the matter regarding machine accounts and LDAP (probably
> for the other backends as well) is that even with 2.x.x samba, machine
> accounts were located in the same data tree with the users. You
> certainly can tell smbldap-tools and samba and nsswitch.conf to put
> computer accounts in ou=Computers,dc=domain,dc=org but when it comes
> time that the OS needs to verify their existence/passwords/trust - they
> aren't gonna be found.
My only problem was adding a new computer. When I moved an existing computer
to ou=Computers I was still able to login. What I could not do was adding
another computer.

> 
> I don't know when it will be fixed to track with what would be our
> expectations...perhaps one of the developers will clue us in.
> 
> In the meantime, your post - though well intentioned was way too long to
> actually seriously consider digesting.
Actually, i did not expect it to be so long. I expected to fail earlier but
everything worked. I tried to detail everything so it was easier for others
to find out what I did wrong and help me.
Since everything worked all right I saw the thing was kind of a step by step
guide to do what I wanted to do.


> 
> Craig
> 
VS

More information about the samba mailing list