[Samba] Samba and WinXP + PDC
Craig White
craigwhite at azapple.com
Tue Mar 15 02:50:03 GMT 2005
On Mon, 2005-03-14 at 08:48 -0700, John H Terpstra wrote:
> On Monday 14 March 2005 07:23, John Zakhar wrote:
> > Good Morning Folks.
> >
> > I have a reoccurring error here when trying to join a Windows XP SP2
> > workstation to a Samba domain (accounts stored in LDAP) The error is
> > "The user name cannot be found"
> >
> > Our LDAP directory looks like this
> >
> > dc=na
> > ~ o=ourdomain
> > ~ ou=Groups
> > ~ ou=Staff
> > ~ ou=Computers
>
> With this directory configuration the /etc/ldap.conf file needs to have:
>
> nss_base_passwd: o=ourdomain,dc=na?sub
----
of course with this setup, samba would query the entire DSA for
everything which might not be the most effective use of LDAP.
Suggest that you consider...
dc=na
o=ourdomain
ou=Accounts
ou=Staff
ou=Computer
ou=Groups
ou=Hosts
ou=etc...
and thus, padl stuff would be like...
nss_base_passwd: ou=Accounts,o=ourdomain,dc=na?sub
nss_base_shadow ou=Accounts,o=ourdomain,dc=na?sub
nss_base_group ou=Groups,o=ourdomain,dc=na?one
nss_base_hosts ou=Hosts,o=ourdomain,dc=na?one
etc...
This way, you can set the search base for your MTA/IMAP/etc. to only
search the actual posix users...
ou=Staff,ou=Accounts,o=ourdomain,dc=na
and lastly - perhaps this was unintentional...
dc = domain component...typical usage would be dc=domain_name,dc=tld
o = organization & c = country...typical usage would be
o=organization,c=US
Craig
More information about the samba
mailing list