[Samba] Samba+LDAP - so close yet so far :) ...STILL NOT SOLVED
Craig White
craigwhite at azapple.com
Tue Jul 20 02:48:34 GMT 2004
On Mon, 2004-07-19 at 19:34, José Ildefonso Camargo Tolosa wrote:
> >http://samba.idealx.org/smbldap-howto.fr.html as you
> >recommended. I have one big question, which one do I
> >put in '/etc/ldap.conf'
> >
> >nss_base_passwd dc=wbcoll,dc=edu?one
> >nss_base_shadow dc=wbcoll,dc=edu?one
> >nss_base_group ou=Groups,dc=wbcoll,dc=edu?one
> >
> >or
> >
> >nss_base_passwd ou=Users,dc=wbcoll,dc=edu?one
> >nss_base_shadow ou=Users,dc=wbcoll,dc=edu?one
> >nss_base_group ou=Groups,dc=wbcoll,dc=edu?one
> >
> >
> Neither, use this:
>
> nss_base_passwd dc=wbcoll,dc=edu?sub
> nss_base_shadow dc=wbcoll,dc=edu?sub
> nss_base_group ou=Groups,dc=wbcoll,dc=edu?one
>
> Look at the sub, it tells the system to descend to all the sub-objects it may have.
>
---
It is pertinent to consider that this suggestion waives any efficiency
for ease of use as it will tell all user lookups to search the entire
LDAP tree.
I already told him to use his second choice as that is most efficient. I
recognize that your option would permit the option of trying to use a
separate organizational unit for Computers but this guy is endlessly
confused, and simple is clearly better for his purposes, without
considering the impact of excessive searching of the LDAP db.
Craig
More information about the samba
mailing list