[samba] samba is killing our LDAP
Andrew Bartlett
abartlet at samba.org
Wed Apr 13 12:09:02 GMT 2005
On Wed, 2005-04-13 at 12:47 +0100, Daniel Wilson wrote:
> Hi all,
>
> We have samba 3.0.11 installed on suse 9.2, we are in the middle of a
> project of rolling out samba to about 15,000 users in our university,
> samba is configured to auth via LDAP (Sun One Directory Server 5.2),
>
> For some reason samba is doing this query...
>
> [13/Apr/2005:10:41:04 +0100] conn=9823 op=2 msgId=3 - SRCH
> base="dc=sunderland,dc=ac,dc=uk" scope=2
> filter="(objectClass=posixAccount)" attrs="uid userPassworduidNumber
> gidNumber cn homeDirectory loginShell gecos description objectClass"
First, that's not Samba directly, that is nss_ldap. Some bright bit of
code is doing 'getent passwd' or the equivalent. Now, this may be
triggered by Samba, and if your LDAP server is internally consistent
(all the things Samba cares about are in ldap), then you should try
setting 'ldapsam:trusted = yes' in your smb.conf. This is meant to be
better with current Samba3 over 3.0.11, but that version does include an
older version of the code.
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Student Network Administrator, Hawker College http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20050413/fd616b61/attachment.bin
More information about the samba
mailing list