[Samba] Idealx programs and ldap backend
Adrian Chow
achow at uwcsea.edu.sg
Wed Jun 16 10:49:18 GMT 2004
Hi,
I got the following setup.
I got a openLDAP server. This server is the master server for LDAP
functions. I named this ldapsrv.
I got a samba server with openLDAP install on it as well. This LDAP
server is the slave to ldapsrv. I named this sambasrv.
The sambasrv currently have the following setup in /etc/smb.conf:-
passdb backend = ldapsam:ldap://ldapsrv.domain
idmap backend = ldap://ldapsrv.domain
add user script = /var/lib/samba/sbin/smbldap-useradd.pl -a -m '%u'
delete user script = /var/lib/samba/sbin/smbldap-userdel.pl '%u'
add group script = /var/lib/samba/sbin/smbldap-groupadd.pl -p '%g'
delete group script = /var/lib/samba/sbin/smbldap-groupdel.pl '%g'
add user to group script = /var/lib/samba/sbin/smbldap-groupmod.pl -m
'%u' '%g'
delete user from group script = /var/lib/samba/sbin/smbldap-groupmod.pl
-x '%u' '%g'
set primary group script = /var/lib/samba/sbin/smbldap-usermod.pl -g
'%g' '%u'
add machine script = /var/lib/samba/sbin/smbldap-useradd.pl -w '%u'
shutdown script = /var/lib/samba/scripts/shutdown.sh
I want to use sambasrv's openldap directory to read off the passwords
instead of reading it off the network from ldapsrv. Note that all
changes have to be done on ldapsrv in order to be propogated to
sambasrv. Will I have any issues if I shift the 'passdb backend' and
'idmap backend' to point to ldapsrv?
Can i do the above with the smbldap_conf.pm file untouched? The
smbldap_conf.pm files currently point to ldapsrv as the changes will
need to be done on it.
The reason I asked is that during clients authentication or connecting
to the sambasrv, will it modify the ldap entries since smb.conf will
point to sambasrv which is the slave LDAP. I think all changes need to
start from ldapsrv.
Any feedback will be great.
Thanks.
adrian
email : achow at uwcsea.edu.sg
More information about the samba
mailing list