[Samba] Need help configuring Samba3/LDAP PDC
Aaron Ogden
aogden at gxt.com
Thu Jun 10 21:53:51 GMT 2004
> Have you checked the logging on OpenLDAP? I'd set the loglevel
> to 488 and look at the queries samba is doing. If you have
> "root = administrator admin" in your smbusers file then samba
> will look for an ldap entry with uid=root. grep the ldap log
> file for that and comment out that line in smbusers if that
> seems to be the case.
>
> Rich
Hello Rich (and others), thanks for responding. I turned up the
loglevel, fixed some configuration errors in smb.conf, and commented the
root= entry in smbusers. You were right, Administrator was being mapped
to 'root'. Now I can authenticate LDAP users in Samba, e.g. 'smbclient
-L localhost -U Administrator' works properly. Unfortunately I still
cannot join the PDC machine to the domain and I think I know why.
When I run 'net rpc join -U Administrator' the machine account gets
created but it is a posixAccount instead of a sambaSamAccount. In other
words it is a normal unix user account that is missing all of the
samba-related fields. Samba is calling the IDEALX smbldap-useradd.pl
script to create the account but obviously I've got an error
somewhere... the user accounts it creates are not samba-capable. Does
anyone know how to fix this? Did I miss something in smbldap_conf.pm?
On a related note, I've imported lots of NIS data into this LDAP
directory, so I have lots of valid Unix accounts. These are working
properly on LDAP-enabled linux machines, but how do I 'convert' them for
use with Samba? Ideally I would like to have one record for each user
that contains all of the samba data as well as the unix data. Is there
an easy way to add the appropriate samba fields to 'normal'
posixAccounts? Is there a FAQ that covers the procedure? Any help
would be welcome.
thanks in advance,
aaron
More information about the samba
mailing list