[Samba] Autentication without /etc/passwd users

John H Terpstra jht at samba.org
Thu Mar 18 22:04:21 GMT 2004 

On Thu, 18 Mar 2004, Marcone Luis Theisen wrote:

> Yes, my /etc/ldap.conf server is = /etc/ldap.conf of my client linux....
>  But I cannot logon in Windows client when the user is not in /etc/passwd.
>
> base dc=test,dc=com
> uri ldap://localhost/

A more usual /etc/ldap.conf file has something like:

SIZELIMIT       12
TIMELIMIT       15
DEREF           never
ldap_version 3

host 172.16.0.1
base dc=abmas,dc=biz
binddn cn=Manager,dc=abmas,dc=biz
bindpw not24get

pam_password exop

nss_base_passwd ou=People,dc=abmas,dc=biz?one
nss_base_shadow ou=People,dc=abmas,dc=biz?one
nss_base_group  ou=Groups,dc=abmas,dc=biz?one


Cheers,
John T.

>
> Thank's
>
> John H Terpstra wrote:
>
> >On Thu, 18 Mar 2004, Marcone Luis Theisen wrote:
> >
> >
> >
> >>The nss_ldap (nsswitch.conf) in server ?
> >>
> >>
> >
> >Have you configured /etc/ldap.conf so that libnss_ldap.so can work?
> >
> >- John T.
> >
> >
> >
> >>Yes, the nsswitch.conf is with ldap parameters in this file.
> >>And I have too the library of nss_ldap.
> >>
> >>But, when my user is not in /etc/passwd I cannot logon in windows 9x client.
> >>
> >>Any ideas ?
> >>
> >>Thank's.
> >>
> >>Marcone
> >>
> >>John H Terpstra wrote:
> >>
> >>
> >>
> >>>On Thu, 18 Mar 2004, Marcone Luis Theisen wrote:
> >>>
> >>>
> >>>
> >>>
> >>>
> >>>>Hi,
> >>>>It seems that the user account must also be in the /etc/passwd when I
> >>>>autentication in Ldap/samba.
> >>>>I have in my Ldap database the Posixaccount.
> >>>>
> >>>>My samba log file:
> >>>>
> >>>>[2004/03/18 07:22:56, 2] passdb/pdb_ldap.c:init_sam_from_ldap(674)
> >>>>init_sam_from_ldap: User [marcone] does not ave a uid!
> >>>>
> >>>>If I have this user in /etc/passwd the autentication is Ok, but I will
> >>>>only autentication in ldap database, without /etc/passwd users....
> >>>>
> >>>>Why ?
> >>>>
> >>>>
> >>>>
> >>>>
> >>>Have you installed/configured nss_ldap? You need to have user and group
> >>>resolution available from LDAP via NSS (/etc/nsswitch.conf).
> >>>
> >>>- John T.
> >>>
> >>>
> >>>
> >>>
> >>>
> >>>>Ps: I'm use samba-2.2.8a.
> >>>>
> >>>>My ldap entrie:
> >>>>dn: uid=marcone,ou=People,dc=test,dc=com
> >>>>uid: marcone
> >>>>cn: Marcone Luis Theisen
> >>>>objectClass: person
> >>>>objectClass: posixAccount
> >>>>objectClass: top
> >>>>objectClass: sambaAccount
> >>>>objectClass: inetOrgPerson
> >>>>sn: Theisen
> >>>>loginShell: /bin/bash
> >>>>uidNumber: 2199
> >>>>rid: 5398
> >>>>gidNumber: 100
> >>>>primaryGroupID: 1201
> >>>>homeDirectory: /home/marcone
> >>>>gecos: Marcone Luis Theisen,,,
> >>>>mail: marcone at test.com
> >>>>lmPassword: 3C939212CR09AEF0AAD3B4Q5B51404EE
> >>>>ntPassword: D6162BEA6B43CFE67F2D19C77FBEB356
> >>>>userPassword:: e0NaWVBUfVEwSGlndWErblFpQkk=
> >>>>
> >>>>Thank's
> >>>>
> >>>>Marcone Theisen
> >>>>
> >>>>//
> >>>>
> >>>>
> >>>>
> >>>>
> >>>>
> >>>>
> >>>
> >>>
> >>>
> >>
> >>
> >
> >
> >
>
>

-- 
John H Terpstra
Email: jht at samba.org

More information about the samba mailing list