[Samba] Folding Samba into existing PAM_LDAP?

Graham Leggett minfrin at sharp.fm
Tue May 4 14:39:24 GMT 2004

jehan.procaccia wrote:

> I have the same question, I've got an existing openldap sever running 
> with posixAccount users for linux pam/nss auth working OK .
> How can I  enter smbpasswd users information to the existing Ldap 
> database (just add the sambaSamAccount information needed for a PDC base 
> on Ldap auth) !? Idealx scripts creates a whole dedicated Ldap database 
> :-( .

I used a tool called directory_administrator, which I had to patch to 
support Samba v3.0. All you need to do is ensure the LDAP object that 
represents your domain is set up correctly, and then edit each user to 
add that user to the domain.

The patched version is at 
http://www.sharp.fm/software/directory_administrator available as a 
patch, or as an SRPM.

If you have thousands of users, then this is probably not going to be 
practical. In that case use the idealx scripts to create a "test" LDAP 
tree, which will allow you to see what attributes you need to add to 
your users.

Once this is set up, your users are going to have to reset their 
passwords so that the windows specific versions of the passwords are 
stored properly.


More information about the samba mailing list