[Samba] ldap authentication without 'ldap filter' parameter

Gordon Messmer yinyang at eburg.com
Wed Feb 8 16:03:10 GMT 2006


Norbert Gomes wrote:
> After some search, I read that I have to configure nss_ldap. But I 
> don't know how to configure it properly to operate with our LDAP 
> database.
>
> Let me explain :
>
> We used the 'ldap filter' parameter like this :
>      ldap filter = (&(iufmLogin=%u)(gecos=#*))
>

I think you want to use these settings in ldap.conf:

nss_base_passwd ou=People,dc=example,dc=com?one?gecos=#*
nss_map_attribute uid iufmLogin
pam_login_attribute iufmLogin

I'm not sure whether or not pam_login_attribute is strictly required.  
I'd try with just the first two settings, and leave it at that if things 
work as you expect.




More information about the samba mailing list