[Samba] LDAP suffixes
Gerald (Jerry) Carter
jerry at samba.org
Wed Aug 17 15:41:39 GMT 2005
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
William Jojo wrote:
>
> On Wed, 17 Aug 2005, Gerald (Jerry) Carter wrote:
>
> William Jojo wrote:
>
>>need clarification of the use of:
>
>>ldap suffix
>>ldap machine suffix
>>ldap user suffix
>>ldap idmap suffix
>
>>smb.conf.5 indicates you should have a fully qualified suffix such as:
>
>> ldap suffix = dc=blah,dc=com
>> ldap machine suffix = ou=People,dc=blah,dc=com
>> ldap user suffix = ou=People,dc=blah,dc=com
>> ldap group suffix = ou=Groups,dc=blah,dc=com
>> ldap idmap suffix = ou=Idmap,dc=blah,dc=dom
> The man page is wrong. You can use a fully DN only if
> 'ldap suffix' is an empty string.
>
>
>
>> Ok. Should 'ldap suffix' ever be empty? Where would
> Samba put sambaDomain objects if this were empty? It seems to
> me this should never be empty. :-)
True. Can't really write the rootDSE now can you.
+1 for you.
cheers, jerry
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFDA1qzIR7qMdg1EfYRAi6TAKCjyZF3D+kSMPGTatuzo9sCw/KqlACeLzAM
X04BbWkomLpoynmxfm0N8qo=
=dlSI
-----END PGP SIGNATURE-----
More information about the samba
mailing list