[Samba] LDAP integration

Antony Gelberg antony at wayforth.co.uk
Sun Nov 13 13:29:41 GMT 2005

(Craig, thanks for your response.  I'm cc'ing the list as we need to try
and resolve this today.  Hope you don't mind.)

Craig White wrote:
> On Sat, 2005-11-12 at 18:29 +0000, Antony Gelberg wrote:
>>We're into our new server build.  We have built Samba / LDAP servers
>>before, but never a PDC.  I'm not sure that this question is
>>PDC-specific though.
>>What is the difference between smbldap-useradd, and adding a user to the
>>LDAP database normally e.g. with cpu useradd?
> ----
> smbldap-tools should create both the posix user and smb user - the
> former being necessary for the latter
> ----

I understand the words, but not the sentence.  Another samba/ldap box
that we have authenticates the users quite happily, where they have been
added to the LDAP directory via cpu.  I understand that with the
traditional passdb backend, there is a difference between the posix user
and the smb user, hence the need to use smbpasswd to create smb users.

However, I thought that with LDAP, everything is in one place, so I
don't quite understand the need for a posix and smb user.  Added to
which, it worked for us on another box, as I said above.  If somebody
could clarify, we would be grateful.

>>Are smbldap-tools needed for new installs, or only where an existing
>>Samba database is being migrated to LDAP?
> ----
> the smbldap-tools aren't necessary at all, they are for your convenience
> and permit the usage of tools such as "User Manager for Domains" and
> 'net rpc vampire' processes. If you don't use smbldap-tools, then you
> would probably need another set of scripts to accomplish the same
> things.
> -----

I can see that they are useful for smb.conf actions such as add user
script = /usr/sbin/smbldap-useradd -m "%u".

>>What is the best practise for the administrator for new installs?
> ----
> reading the excellent documentation, like Samba by Example...available
> in dead tree form at your typical bookseller or in pdf/html form at
> www.samba.org
> ----

We're ploughing through it.  Truly an *excellent* manual.


More information about the samba mailing list