[Samba] openldap2 + samba3 user changed password on BDC wouldn't
sync with PDC
Bella Wong
b.wong at acfr.usyd.edu.au
Tue Oct 12 03:44:38 GMT 2004
Hi all,
I am newbie on this and I couldn't figure out what I have configured wrong.
I have setup three Linux Debian Sarge servers with openldap2 + samba3.
PDC and master ldap on one machine and BDC slave ldap on the other two.
I followed instructions on
http://us1.samba.org/samba/docs/man/Samba-Guide/happy.html to set them up.
I am using utilities smbldap-passwd.pl from idealx for password changing.
User could change password on PDC and it will populate to DBC, but when the
user change password on BDC, it will not populate to PDC.
All machines are on the same subnet and all services are running.
Can any expert please help?
Following are some configuration files:
BDC: slapd.conf
------------------------
# Schema and objectClass definitions
include /etc/ldap/schema/core.schema
include /etc/ldap/schema/cosine.schema
include /etc/ldap/schema/inetorgperson.schema
include /etc/ldap/schema/nis.schema
include /etc/ldap/schema/samba.schema
# Schema check allows for forcing entries to
# match schemas for their objectClasses's
schemacheck on
pidfile /var/run/slapd/slapd.pid
argsfile /var/run/slapd/slapd.args
# Where the dynamically loaded modules are stored
modulepath /usr/lib/ldap
moduleload back_ldbm
moduleload back_bdb
database ldbm
suffix "dc=cas,dc=edu,dc=au"
rootdn "cn=Manager,dc=cas,dc=edu,dc=au"
rootpw {SSHA}k/1J1yvtDnmX/4kfQdzQReD9YLyysQxK
directory "/var/lib/ldap"
# Indices to maintain
index objectClass eq
index cn pres,sub,eq
index sn pres,sub,eq
index uid pres,sub,eq
index displayName pres,sub,eq
index uidNumber eq
index gidNumber eq
index memberUID eq
index sambaSID eq
index sambaPrimaryGroupSID eq
index sambaDomainName eq
index default sub
# The following part is for slave slapd
updatedn "cn=Manager,dc=cas,dc=edu,dc=au"
updateref <ldaps://cassia.cas.edu.au> ldaps://cassia.cas.edu.au
==============================
BDC: smb.conf
--------------------
# Global parameters
[global]
unix charset = LOCALE
workgroup = CAS
netbios name = cashew
server string = CAS SAMBA-LDAP BDC Server cashew
passdb backend = ldapsam:ldap://cashew.cas.edu.au
username map = /etc/samba/smbusers
log level = 1
syslog = 0
log file = /var/log/samba/%m
max log size = 50
smb ports = 139 445
name resolve order = wins bcast hosts
printcap name = CUPS
show add printer wizard = No
logon script = scripts\logon.bat
logon path = \\%L\profiles\%U
logon drive = X:
domain logons = Yes
domain master = No
wins server = 172.17.7.243
ldap suffix = dc=cas,dc=edu,dc=au
ldap machine suffix = ou=People
ldap user suffix = ou=People
ldap group suffix = ou=Groups
ldap idmap suffix = ou=Idmap
ldap admin dn = cn=Manager,dc=cas,dc=edu,dc=au
idmap backend = ldap:ldap://cashew.cas.edu.au
idmap uid = 10000-20000
idmap gid = 10000-20000
printing = cups
printer admin = Administrator, bellaadmin
[accounts]
comment = Accounting Files
path = /data/accounts
read only = No
[service]
comment = Financial Services Files
path = /data/service
read only = No
[pidata]
comment = Property Insurance Files
path = /data/pidata
read only = No
[homes]
comment = Home Directories
valid users = %S
read only = No
browseable = No
[printers]
comment = SMB Print Spool
path = /var/spool/samba
guest ok = Yes
printable = Yes
browseable = No
[apps]
comment = Application Files
path = /apps
admin users = bellaadmin
read only = No
[netlogon]
comment = Network Logon Service
path = /var/lib/samba/netlogon
guest ok = Yes
locking = No
[profiles]
comment = Profile Share
path = /var/lib/samba/profiles
read only = No
profile acls = Yes
[profdata]
comment = Profile Data Share
path = /var/lib/samba/profdata
read only = No
profile acls = Yes
[print$]
comment = Printer Drivers
path = /var/lib/samba/drivers
browseable = yes
guest ok = no
read only = yes
write list = Administrator
[projects]
comment = Projects Share
path = /projects
writeable = yes
printable = no
browsable = yes
public = no
create mask = 0644
directory mask = 2775
delete readonly = yes
========================
Bella Wong
More information about the samba
mailing list