[Samba] Password sync

g.tranelli at inarcassa.it g.tranelli at inarcassa.it
Fri Jul 2 09:12:37 GMT 2004 

Hi all,
 I have configured two samba-3.0.4 (PDC and BDC) with ldap (openldap).
My problem is that we have a third ldap in my company and I changed the source
of smbldap from idealx to sync that ldap.
I did a debug and samba calls the script in the right way, but, this is the
weird stuff, the script sync my two openldap servers but do not sync the third
ldap.
Running the script by hand it works perfectly, not through samba.
This is my smb.conf:

# Global parameters
[global]
        workgroup = SMBV3DOMAIN
        netbios name = SMBV3PDC
        server string = Samba-Ldap PDC
        domain logons = Yes
        preferred master = Yes
        domain master = Yes
        local master = Yes
        wins support = No
        os level = 65
;       bind interfaces only = true
;       interfaces = 127.0.0.1 10.0.0.91 10.0.0.92
        hosts deny = ALL
        hosts allow = 127.0.0.1 10.0.0.0/255.0.0.0
        security = user
        time server = Yes
        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
        mangling method = hash2
        Dos charset = 850
        Unix charset = ISO8859-1
        load printers = No
        panic action = "echo 'Samba V3 Panic' | /bin/mail -s 'Samba V3 Panic'
g.tranelli at inarcassa.it"
;
; for debug purpose only
        log level = 101
        log file = /var/log/samba/log.%m
        passwd chat debug = Yes
;       max log size = 0
        syslog only = No
        syslog = 10
;
        passdb backend = ldapsam:ldap://localhost
        encrypt passwords = Yes
        unix password sync = Yes
        ldap passwd sync = No
        obey pam restrictions = No
        passwd chat debug = Yes
        passwd program = /usr/local/sbin/smbldap-passwd %u
        passwd chat = "Changing password for*\nNew password*" %n\n "*Retype new
password*" %n\n"
;
;        logon script = netlogon.bat
;        logon drive = L:
;        logon home = \\SMBV3PDC\shared
;        logon path = \\SMBV3PDC\profiles\%U
        logon script =
        logon drive =
        logon home =
        logon path =
;
;        ldap admin dn = cn=samba,ou=Dsa,dc=example,dc=it
        ldap admin dn = cn=samba,ou=Dsa,dc=example,dc=it
        ldap suffix = dc=inarcassa,dc=it
        ldap group suffix = ou=Groups
        ldap user suffix = ou=Users
        ldap idmap suffix = ou=Users
        ldap machine suffix = ou=Computers
        ldap ssl = No
        ldap delete dn = No
;
        add user script = /usr/local/sbin/smbldap-useradd -m "%u"
;       delete user script = /usr/local/sbin/smbldap-userdel "%u"
        add machine script = /usr/local/sbin/smbldap-useradd -w "%u"
        add group script = /usr/local/sbin/smbldap-groupadd -p "%g"
;       delete group script = /usr/local/sbin/smbldap-groupdel "%g"
        add user to group script = /usr/local/sbin/smbldap-groupmod -m "%u" "%g"
        delete user from group script = /usr/local/sbin/smbldap-groupmod -x "%u"
"%g"
        set primary group script = /usr/local/sbin/smbldap-usermod -g "%g" "%u"
;

More information about the samba mailing list