[Samba] Samba PDC & ldapi://
abartlet at samba.org
Wed Mar 10 11:03:45 GMT 2004
On Wed, 2004-03-10 at 02:03, Adam Williams wrote:
> I've seen several references on the web to setting up the LDAP SAM to
> communicate with the LDAP server via ldapi (IPC) verses ldap (IP). This
> should theoretically much faster.
> My LDAP master is on the same host as the Samba PDC. With nss_ldap
> using "uri ldap://localhost" and Samba using "ldapsam:ldap://localhost/"
> everything works.
> But changing nss_ldap to use "uri ldapi://%2fvar%2frun%2fldapi/" breaks
> Samba. Commands like "ls", "finger", and "id" continue to be able to
> identify users, but Samba starts reporting "no such user" errors.
> Leaving nss_ldap using "ldap://localhost/" and changing ldapsam to be
> "ldapi://%2fvar%2frun%2fldapi" also breaks Samba.
> Of course, having both NSS and Samba use ldapi doesn't work either.
> Exceuting "ldapsearch -H ldapi://%2fvar%2frun%2fldapi/ uid=adam" works,
> so I don't suspect a problem with the ldapi protocol/socket itself.
> Is there known bugs/problems with Samba using ldapi? (This is samba
I run my nss_ldap with:
uri ldap://127.0.0.1/ ldap://ldap.internal.hawkerc.net
and samba with
passdb backend = ldapsam:"ldapi:// ldap://ldap.internal.hawkerc.net"
Which causes nss_ldap to use TCP sockets, for the local and backup ldap
server. Samba uses ldapi for the local, and TCP for the backup server.
I never quite managed to get the full path syntax right in Samba, but
ldapi:// works for me.
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20040310/35e706a7/attachment.bin
More information about the samba