[Samba] Samba+LDAP - so close yet so far :) ...STILL NOT SOLVED
Paul Gienger
pgienger at ae-solutions.com
Mon Jul 19 21:10:28 GMT 2004
>I have one big question, which one do I
>put in '/etc/ldap.conf'
>
>nss_base_passwd dc=wbcoll,dc=edu?one
>nss_base_shadow dc=wbcoll,dc=edu?one
>nss_base_group ou=Groups,dc=wbcoll,dc=edu?one
>
>or
>
>nss_base_passwd ou=Users,dc=wbcoll,dc=edu?one
>nss_base_shadow ou=Users,dc=wbcoll,dc=edu?one
>nss_base_group ou=Groups,dc=wbcoll,dc=edu?one
>
>
The second. The first one won't let the system do authentication and
user lookups. If you were to put
dc=blah?sub
things would work but you'd really shoot your performance in the foot
since you'd be searching the entire ldap tree for user data. Every time
you do a file lookup or something similar you'd have to query the entire
tree and any subobjects, taking nscd out of the equation of course.
>I am not really using "ldap ssl = start tls" yet. I
>will get to that part after I get the rest of the
>stuff working.
>
>
A very good plan. Too many people try to layer on protocols and
confusion before they get the underlying systems working.
--
Paul Gienger Office: 701-281-1884
Applied Engineering Inc.
Information Systems Consultant Fax: 701-281-1322
URL: www.ae-solutions.com mailto: pgienger at ae-solutions.com
More information about the samba
mailing list