[Samba] last ldap question ;-)

[Kiryl Hakhovich]

Hey Paul,

You are correct only samba and ldap is a bit too much ;-)
i have ldap system wide and for samba.
it is working fine for network authentication ssh and etc...and even 
with samba, however adding users apparently is a pain in the ass.

(unless i am missing something in configuration) and i can not find 
anything from OFFICIAL samba that may pointed out the obvious mistakes.

Thanks,
Kiryl.

Paul Gienger wrote:

> 
>> if you have ldap and samba configured together do you still need to 
>> have local accounts in /etc/passwd in order to use smbpasswd or 
>> pdbedit utility?  (_fact_: smbldap-useradd.pl using them anyway _fact_)
> 
> 
> You're going to love this... that depends.
> 
> IF you want your system(s) to authenticate against LDAP, independant of 
> samba, then no, those user accounts will be stored in the LDAP store.  
> If you are just storing samba data in ldap and don't care about network 
> authentication at the system level, then yes you do.  There are many 
> independant pieces of the puzzle that you can configure any way you want.
> 
> Note: putting samba in ldap and not using ldap for anything but storage 
> of samba data (that is, with users in the system password file) is 
> really quite a bit of overkill, that's what tdbsam is for.   I guess you 
> could use winbind against your ldap server if you really wanted to 
> though, which could work just fine.  It's really up to the way you 
> wanted to set it up.
> 
> I would assume (and we know where that gets you) that most of the time, 
> posix data is stored in LDAP first, the system authenticates just fine 
> against LDAP, and then people would try to layer on samba support.  From 
> the amount of problems people seem to be having, that doesn't seem to be 
> the case.
> 
>>
>> Thank you.
>>
>> Sincerely,
>> Kiryl.
>>
>