[Samba] 'ldap passwd sync' not working

Tony Earnshaw tonye at billy.demon.nl
Sun Feb 6 16:55:36 GMT 2005


Adam Tauno Williams:

[...]

> My guess: the behaviour of 3.0.11 is more correct, and something is
> clearly wrong with your DSA - the client cannot read the rootDSE. Possibly
> you've got an ACL doing something you don't intend;  it doesn't look like
> a Samba problem.  The rootDSE is used to determine features supported by
> the DSA, included the password-modify extended operation.

Me too. I've just (couple of weeks) been playing with and implementing
Samba (3.0.7 and 3.0.9). High school has to integrate a Windows
2000/collection into an already established Linux network, on the basis of
OL 2.2.17.

What's surprised me, is the utter correlation between what happens and the
Samba crew documentation. However, the only LDAP documentation that I've
found is the CTI, University of Navarra stuff, and whilst helpful, this is
directly misleading in many cases and following it blindly can lead to
misconfigured systems (in general, most HOWTOs suck, if one follows them
literally).

In fact, the ldapsam backend is phantastik; if correctly configured it can
do nothing wrong and the pdbedit (always use rather than smbpasswd) is an
eye-opener.

Bottom line is, that to run the ldapsam backend with Samba, one has to be
an (open)LDAP guru, long before one tries to run ldapsam. To which extent
kalamazoo helped me, as I've told you before, no end. Keep posting the
links to the unwashed ;)

--Tonni

--
mail: tonye at billy.demon.nl
http://www.billy.demon.nl



More information about the samba mailing list