ldap filter and man page [WAS Re: [Samba] My story installing Samba-LDAP PDC (it has a happy ending)

Beast indorama at rad.net.id
Wed Jan 21 06:17:35 GMT 2004


* "Gerald (Jerry) Carter" <jerry at samba.org> nulis:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> On Thu, 15 Jan 2004, Beast wrote:
> 
> > But I need some clarification from samba team (Jerry?) whether we can
> > use this filter without breaking any other functions or not, because
> > they must be has strong reason using default filter.
> 
> My opinion is that the 'ldap filter' option in smb.conf should never be
> set.  There are 2 many different LDAP searches now being done (group
> mapping, users, etc...) and we don't use that option consistently
> internally anyways.  Best to leave it alone IMO.

If I did not set "ldap filter" then according man page (smb.conf) it will be:

 Default: ldap filter = (&(uid=%u)(objectclass=sambaAccount))

which is 'not work'. I migh wrong here.

Also man page for smb.conf(5) in samba-3.0.2rc1 is truncated, only 1 page long, at least in srpm package.

fyi, I've tried 3.0.2rc1 without setting 'ldap filter' in smb.conf and put computer account under ou=computer and it able to add machine. 
Any strong reason to not putting computer account different than user accounts?


--beast



More information about the samba mailing list