[Samba] LDAP suffixes

William Jojo jojowil at hvcc.edu
Wed Aug 17 15:36:26 GMT 2005 


On Wed, 17 Aug 2005, John H Terpstra wrote:

> On Wednesday 17 August 2005 09:15, William Jojo wrote:
> > need clarification of the use of:
> >
> > ldap suffix
> > ldap machine suffix
> > ldap user suffix
> > ldap idmap suffix
> >
> > smb.conf.5 indicates you should have a fully qualified suffix such as:
> >
> >    ldap suffix = dc=blah,dc=com
> >    ldap machine suffix = ou=People,dc=blah,dc=com
> >    ldap user suffix = ou=People,dc=blah,dc=com
> >    ldap group suffix = ou=Groups,dc=blah,dc=com
> >    ldap idmap suffix = ou=Idmap,dc=blah,dc=dom
>
> It is sufficient to specify:
>
> 	ldap suffix = dc=foobar,dc=biz
> 	ldap machine suffix = ou=Computers
> 	ldap user suffix = ou=People
> 	ldap group suffix = ou=Groups
> 	ldap idmap suffix = ou=Idmap
>
> Samba will take care of the catenation. These will all be expanded correctly.
> For example the 'ldap user suffix' will be expanded to:
>

Thanks, John. I failed to indicate that this is how I currently use it. I
wanted to clear up the confusion as I know you like documentation to be
very clear and concise.  :-) :-)


Cheers,

Bill


> 	ldap machine suffix = ou=Computers,dc=foobar,dc=biz
>
> - John T.
>
> >
> > as demonstrated by:
> >
> >  Example: ldap idmap suffix = ou=Idmap,dc=samba,dc=org
> >
> > and
> >
> >  Example: ldap group suffix =
> >                ou=Groups,dc=samba,ou=Groups
> >
> > (which, btw, is a not a good example)
> >
> >
> > However, it appears from a log level 5 that this happens:
> >
> > [2005/08/17 11:05:57, 5] lib/smbldap.c:smbldap_search_ext(980)
> >   smbldap_search_ext: base => [ou=Groups,dc=blah,dc=com,dc=blah,dc=com],
> > filter
> > => [(&(objectClass=sambaGroupMapping)(gidNumber=-2))], scope => [2]
> >
> > It combines two suffixes. Which is the correct behavior?
> >
> > I see utils/net_rpc_samsync.c seems to think the prior is true.
> >
> >
> > This behavior is consistent all the way back to 3.0.11.
> >
> >
> > Cheers,
> >
> >
> > Bill
>
> --
> John H Terpstra, CTO
> PrimaStasys Inc.
> Phone: +1 (650) 580-8668
>
> Author:
> The Official Samba-3 HOWTO & Reference Guide, ISBN: 0131453556
> Samba-3 by Example, ISBN: 0131472216
> Hardening Linux, ISBN: 0072254971
> Other books in production.
>

More information about the samba mailing list