[Samba] LDAP integration
antony at wayforth.co.uk
Sun Nov 13 13:29:41 GMT 2005
(Craig, thanks for your response. I'm cc'ing the list as we need to try
and resolve this today. Hope you don't mind.)
Craig White wrote:
> On Sat, 2005-11-12 at 18:29 +0000, Antony Gelberg wrote:
>>We're into our new server build. We have built Samba / LDAP servers
>>before, but never a PDC. I'm not sure that this question is
>>What is the difference between smbldap-useradd, and adding a user to the
>>LDAP database normally e.g. with cpu useradd?
> smbldap-tools should create both the posix user and smb user - the
> former being necessary for the latter
I understand the words, but not the sentence. Another samba/ldap box
that we have authenticates the users quite happily, where they have been
added to the LDAP directory via cpu. I understand that with the
traditional passdb backend, there is a difference between the posix user
and the smb user, hence the need to use smbpasswd to create smb users.
However, I thought that with LDAP, everything is in one place, so I
don't quite understand the need for a posix and smb user. Added to
which, it worked for us on another box, as I said above. If somebody
could clarify, we would be grateful.
>>Are smbldap-tools needed for new installs, or only where an existing
>>Samba database is being migrated to LDAP?
> the smbldap-tools aren't necessary at all, they are for your convenience
> and permit the usage of tools such as "User Manager for Domains" and
> 'net rpc vampire' processes. If you don't use smbldap-tools, then you
> would probably need another set of scripts to accomplish the same
I can see that they are useful for smb.conf actions such as add user
script = /usr/sbin/smbldap-useradd -m "%u".
>>What is the best practise for the administrator for new installs?
> reading the excellent documentation, like Samba by Example...available
> in dead tree form at your typical bookseller or in pdf/html form at
We're ploughing through it. Truly an *excellent* manual.
More information about the samba