ldap filter and man page [WAS Re: [Samba] My story installing
Samba-LDAP PDC (it has a happy ending)
abartlet at samba.org
Thu Jan 22 07:43:14 GMT 2004
On Thu, 2004-01-22 at 13:30, Gerald (Jerry) Carter wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> Beast wrote:
> > If I did not set "ldap filter" then according man page
> > (smb.conf) it will be:
> > Default: ldap filter = (&(uid=%u)(objectclass=sambaAccount))
> The ldap filter parameter is irrelavant in some searches (such as the
> idmap backend ldap searches and the gourp mapping lookups).
> > Also man page for smb.conf(5) in samba-3.0.2rc1 is
> > truncated, only 1 page long, at least in srpm package.
> Hmmm...it's fine in the tarball. And it's fine in the RH SRPM.
> Something wrong your system ?
> > fyi, I've tried 3.0.2rc1 without setting 'ldap filter' in
> > smb.conf and put computer account under ou=computer and
> > it able to add machine. Any strong reason to not putting
> > computer account different than user accounts?
> It's not real since nss_ldap still has locate the posixAccount
> for the computer.
Naturally, this just means you need to give nss_ldap the same ldap base
DN to search under as samba is using. Naturally, if nss_ldap only looks
under ou=people, then it's not going to work, but I set my base dn to
just 'dc=hawkerc,dc=net', and carry the minor cost of a possible search
against other ou's that might not contain accounts.
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20040122/6141b60b/attachment.bin
More information about the samba