[Samba] Fixed it myself... (ldap/winbind)

Craig White craigwhite at azapple.com
Thu Jun 10 21:02:12 GMT 2004

On Thu, 2004-06-10 at 13:11, Josh Skains wrote:
> After much searching, research, compiling, and some guess work, I found my problem was wrapped around one simple fact. I didn't have the samba.schema included.
> I now have some suggestions:
> 1. If you are going to force people to use something complex, DOCUMENT it. Assume there are people like me who have no understanding of ldap. Even some automatic script should be written for people who need LDAP for distribution but plan to use LDAP for absolutely NOTHING else.
> 2. Then make a simple shared daemon called "unixmapd" or something that works like WINS. Everyone can attach to one simple server and see the maps... Whoever gets a resolve first, adds the new entry. So if "ENG\joe" logs into server "bozo" and "bozo" sees there isn't a map in the "unixmapd", then it contributes it. It's that simple!
> Just my thoughts,
Your thoughts - rely upon an assumption that is clearly false...that
ldap is usable without understanding it, that understanding it is
digestible in some easy form and that documentation doesn't exist.

I have posted this a few times the past 6 months but new users seem to
pop up without fully digesting the archives.

- LDAP is a learning curve all to it's own. It may be harder to learn
than any other that you have learned, certainly the concepts can be more
difficult to grasp than things like BIND, sendmail, apache.

- LDAP has no pat setup. There are a lot of LDAP providers (openldap,
sun, novell, etc.) and there are a number of different versions being
circulated, even by the same providers.

- It makes little sense to use LDAP for Samba and not local system user
accounts, and why would you think that you can use LDAP for local
account security without fully digesting the implications and the

- Once you understand LDAP, and can add, delete, search from the command
line, integrating it with samba is easy. If you don't understand LDAP,
integrating it with mail, ftp, ssh etc. is just another hurdle, just
like samba.

As for the documentation...John has written 2 excellent books, both
available at the book store and accessible in the documentation link on
the samba web site...Samba 3 HOW-TO and Samba 3 by Example


More information about the samba mailing list