[Samba] Idealx programs and ldap backend

Adrian Chow achow at uwcsea.edu.sg
Thu Jun 17 01:43:16 GMT 2004

Hi Paul,

Thanks for your insights.  I have corrected my add_posix_machine 
function.  It should work fine.

Ok.  Maybe I was confused to ask my original question because my reason 
for starting this conversation is because I got a connection everytime I 
try to connect to the server.  Maybe my passwd backend is pointing to a 
slow ldap master in the network.  I don't have referrals since all my 
data is in the same tree of the ldap master.  I did not dedicate any of 
the sort (eg. ou=people,dc=domain) to other ldap slaves.
The reason is that since my sambasrv is also a ldap slave and contain 
all the entries, I wanted to point to itself (sambasrv) rather than the 
slow ldap master (ldapsrv) in the network to see whether the connection 
process can be hastened.
However  due to my limit knowledge, I am afraid that if  I do that I 
will updated data in the ldap slave (sambasrv) and not the master 
ldapsrv. Currently my master ldapsrv is replicating to a few ldap slaves 
beside sambasrv.  I wonder is it only when I am trying to join machines 
to the domain that I need to point to the ldap master?  If that is so, I 
can point the passwd backend locally (sambasrv) and when I need to add 
machines, I point the passwd backend to the master ldap master.  Tricky 
process but I just want to increase the performance of the connection.  
My ldap master (ldapsrv) is running on a very slow machine.  Pentium 1?

2nd question: - Can I turn off add user scripts option as I don't want 
any connection to the samba server to create a new user on the server?

Thanks a lot for your input.  Also Stephanie's.


Paul Gienger wrote:

> Adrian Chow wrote:
>> Hi Paul,
>> thanks for the reply.  2 questions:-
>> 1.  In the smbldap-useradd.pl file, there are lines that are 
>> commented out.  SInce my add machine script is only with "-w", and my 
>> with_smbpasswd variable in the smbldap_conf is =0, i found that it 
>> will only create a posix account on the ldap.  I don't see it 
>> creating the samba portion in the ldap.  Does it do it 
>> automatically?  My ldap shows that the samba portion is done 
>> automatically.  [However I think I have to join the domain 2 times 
>> for each machine.... don't know why the first time it joins it 
>> fails..  The second time succeeds.]
> This sounds exactly like what I was seeing.  The first time it would 
> create the posix user, but fail looking for it to modify to add the 
> samba objectClass and attributes.  The second time you try to create 
> it, the posix info is there, and it can find it so it proceeds to 
> modify it for samba use.  I found this was happening in my situation 
> because the replication wasn't happening fast enough.  I modified my 
> sub add_posix_machine function to have a wait at the end:
>        sleep(5);
> right before the function ends.  This gave the ldif data time to come 
> from our remote master server.
>> 2.  Can I know what happens if my refferals is not done properly and 
>> I point my passwd backend to the ldap slave server?  Does it have an 
>> effect only when a machine joins the domain?
> That I couldn't tell you for sure since our referrals have been 
> working since before samba had anything to do with LDAP.  I would 
> guess that you wouldn't be able to join at all, no matter how many 
> times you try.  The add/modify request would never make it up to the 
> master LDAP server.

More information about the samba mailing list