[Samba] Using OID as Samba3 backend
Geert Stappers
stappers at stappers.nl
Fri Jul 1 18:43:09 GMT 2005
On Fri, Jul 01, 2005 at 12:08:38PM -0500, Alex Canizales wrote:
>
> Well, first, already the domain it's working, the schema was created, and
> other problems was solved, i can join machines to domain, log in to them,
> and assign privileges using ldap groups into OID. Right now the problem is
> only when i change the password from windows dialog box, even when i change
> the password from smbladp-password command it's works fine.
>
> >This will not help you for two reasons: 1: it's an OpenLDAP server ACL
> >and is only applicable to the server configuration; 2: it only gives
> >read access anyway.
>
> At the second point, the OID have the way to put ACL's at the rootDSE
> level too, not in way of the OpenLDAP, on text plain file, it's trough the
> oidadmin console or using ldapmodify command and i'd have put this exactly.
>
> I need to know which is the difference between the passwod change from
> smbldap-password and the password change from windows dialog box in order
> to put the privileges in the correct place. I believe that the problem is
> because it's trying to access at some attribute in other level when is
> execute from windows.
I have
access to attrs=sambaLMPassword,sambaNTPassword
by self ssf=128 write
by anonymous ssf=128 auth
by dn="cn=smbadmin,ou=People,dc=gpm,dc=stappers,dc=nl" ssf=128 write
by dn="cn=admin,ou=People,dc=gpm,dc=stappers,dc=nl" ssf=128 write
by * none
smbldap-password probably uses smbadmin ( has write accces on OID )
Windows probably uses "self" ( has no write access on OID )
Cheers
Geert Stappers
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.samba.org/archive/samba/attachments/20050701/e2b12897/attachment.bin
More information about the samba
mailing list