[Samba] avoiding the use of an LDAP entry for the samba domain?
Dominique.Petitpierre at adm.unige.ch
Thu Jan 27 16:56:27 GMT 2005
- Is there a way to avoid that samba tries to search
for an LDAP record for the domain, and for that matter
to try to add the missing record?
I noticed the following messages in the LDAP server log:
SRCH base="dc=unige,dc=ch" \
attrs="sambaDomainName sambaNextRid sambaNextUserRid \
sambaNextGroupRid sambaSID sambaAlgorithmicRidBase objectClass"
When using the smbpasswd backend the attributes that are not
already in smb.conf don't seem to be stored anywhere,
and everything is fine.
- Why is it different with the ldapsam backend?
Also I don't want samba to modify the data on the LDAP server in any
way (it is used for other purposes as well and modifications are made
through a different path), and would greatly prefer that such global
configuration informations were stored locally (on the samba server).
- Is there a way to achieve that while still using ldapsam?
I have tried to put smbpasswd before ldapsam in the definition
of the passdb backend, to no avail.
This occurs with samba 3.0.10 on Mandrake Linux 10.1,
withe the configuration file in annexe.
Thanks in advance for your answers!
Mr Dominique Petitpierre Email: User at Domain
Division Informatique User=Dominique.Petitpierre
Annexe: non default [global] section of the smb.conf
# testparm -s | & sed -n -e '/\[global]/,/^$/p'
workgroup = VPNGROUP
server string = Samba Server %v
passdb backend = smbpasswd, ldapsam:ldaps://foobar.unige.ch
log level = 3 passdb:5 auth:10 winbind:2
log file = /var/log/samba/log.%m
max log size = 50
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
domain logons = Yes
local master = No
dns proxy = No
ldap admin dn = cn=admin,ou=people,dc=unige,dc=ch
ldap group suffix = ou=Group
ldap idmap suffix = ou=Idmap
ldap machine suffix = ou=Hosts
ldap suffix = dc=unige,dc=ch
ldap user suffix = ou=People
hosts allow = 127.0.0.1, 192.168.
More information about the samba