[Samba] Use of netgroups and LDAP in Samba

[Tom Crummey]

Hello,

I'm in the process of migrating from Samba 2.2.8a to 3.0.14a and also
changing from NIS to LDAP. I've installed and populated SUN's Directory
Server v5.2 and added the required schema extensions and imported some
accounts for testing with Samba.

Previously I used a NIS netgroup in the hosts allow clause, of the form
@hosts_smb and this worked when the samba server system was still using
NIS as its directory. Now that I've converted the samba server to use
LDAP as its directory, samba will no longer find hosts in the netgroup.

I've inserted the netgroup information into LDAP and the log information
seems to indicate that it is looking there:

[2005/08/18 17:31:21, 3] lib/access.c:only_ipaddrs_in_list(291)
  only_ipaddrs_in_list: list has non-ip address (@hosts_smb)
[2005/08/18 17:31:21, 3] lib/access.c:check_access(316)
  check_access: hostnames in host allow/deny list.
[2005/08/18 17:31:21, 5] lib/access.c:string_match(100)
  looking for 128.40.40.89 of domain ee.ucl.ac.uk in netgroup hosts_smb
gave No
[2005/08/18 17:31:21, 5] lib/access.c:string_match(100)
  looking for getafix.ee.ucl.ac.uk of domain ee.ucl.ac.uk in netgroup
hosts_smb gave No

Does samba look up the netgroup information in LDAP or do I have to use
a list in the host allow clause?

-- 
Tom.

----------------------------------------------------------------------------
 Tom Crummey, Systems and Network Manager,   EMAIL: tom at ee.ucl.ac.uk
 Department of Electronic and Electrical Engineering,                  
 University College London,                  TEL: +44 (0)20 7679 3898   
 Torrington Place,                           FAX: +44 (0)20 7388 9325
 London, UK, WC1E 7JE.                         
----------------------------------------------------------------------------