[Samba] ldap authentication without 'ldap filter' parameter
Norbert Gomes
norbert.gomes at orleans-tours.iufm.fr
Wed Feb 8 16:47:04 GMT 2006
OK, it seems to work better : the 'nss_map_attribute uid iufmLogin'
tells the system to look at 'iufmLogin' instead of 'uid'.
I will work out for the filters but I'm on a good way
Thank you so much :-)
Gordon Messmer a écrit :
> Norbert Gomes wrote:
>> After some search, I read that I have to configure nss_ldap. But I
>> don't know how to configure it properly to operate with our LDAP
>> database.
>>
>> Let me explain :
>>
>> We used the 'ldap filter' parameter like this :
>> ldap filter = (&(iufmLogin=%u)(gecos=#*))
>>
>
> I think you want to use these settings in ldap.conf:
>
> nss_base_passwd ou=People,dc=example,dc=com?one?gecos=#*
> nss_map_attribute uid iufmLogin
> pam_login_attribute iufmLogin
>
> I'm not sure whether or not pam_login_attribute is strictly required.
> I'd try with just the first two settings, and leave it at that if
> things work as you expect.
>
>
More information about the samba
mailing list