[Samba] Re: Authenticateing DC's on an ldap backend... nobody knows how?

Jim C. jcllings at javahop.com
Wed Sep 29 04:05:24 GMT 2004

>> Folks have been telling me that it is best for one's Domain Controller 
>> know the security implications so I would rather avoid it.
> I still don't know what you have tried, and what it has to do with devfs 
> (shouldn't you be moving away from it to udev?!) But here's what I would 
> do:

If I knew what it had to do with devfs, I would have been alot farther 
along by now.  What I can tell you is that after makeing a few of the 
necesary changes, the initscript that starts devfs will no longer 
complete on startup. That is the only thing that is wrong that I can 
find, I just don't understand it.  devfs is the system that is used by 
Mandrake.  In order to write a HOWTO for this, I need to have as similar 
a setup as possible.

> # Create your hashed password:
> % slappasswd
> # It's that simple! ;o)
> Hope it helps,

Every little bit does.  Thank you.  :-)

...which goes back into me not yet having mentioned that which has 
already been tried. :-/  What was tried previously was adding 
simpleSecurityObject to the domain controller's host entry and then 
adding the dn of the host entry as a member attribute of the "Domain 
Controller"'s group.  This worked for the smbldap scripts but not for 
the controller itself.  I could not log any users in.  I'll try again 
and see if I can get you some errors from the logs.  Can you reccomend 
appropriate log levels for slapd/smbd?  I've always had trouble with 
them which may explain a lot.

Jim C.
| I can be reached on the following Instant Messenger services: |
| MSN: j_c_llings at hotmail.com  AIM: WyteLi0n  ICQ: 123291844 	|
| Y!: j_c_llings               Jabber: jcllings at njs.netlab.cz	|

More information about the samba mailing list