[Samba] Winbind/LDAP Backend question
Nik Reiman
nik at aboleo.net
Fri Jun 25 19:33:57 GMT 2004
On Jun 24, 2004, at 4:09 PM, Paul Gienger wrote:
> To do that part you issue a
> smbpasswd -w <passwordstring>
> on the command line of your samba box to set the bind password to
> associate with the ldap admin dn.
Thanks; I forgot about this step. However, the machine still won't
authenticate... there's a really long pause, and eventually it rejects
the correct login password. I checked the system logs, but since this
goes through pam, it may be out of samba's hands....
> Have you tried storing your winbind idmap on an openldap (or other
> ldap) server? You could either manually pull the SIDs from the
> windows directory and then sync them with uids with a script, or you
> could change the uid stored in the idmap database to match the uid
> manually as the users connect. I suppose you could store that in your
> AD server as well, no real reason you couldn't. This wouldn't be
> reinventing the wheel quite as much and samba will work out of the box
> with that idmap data.
Although I'm not a big fan of openldap, this was suggested.
Unfortunately, due to decisions made out of my hands, AD was chosen as
the single database to hold all of our login and user information.
-Nik
--
// Nik Reiman || nik at aboleo.net || http://www.aboleo.net \\
More information about the samba
mailing list