[Samba] ldap authentication without 'ldap filter' parameter

Norbert Gomes norbert.gomes at orleans-tours.iufm.fr
Wed Feb 8 16:47:04 GMT 2006


OK, it seems to work better : the 'nss_map_attribute uid iufmLogin' 
tells the system to look at 'iufmLogin' instead of 'uid'.

I will work out for the filters but I'm on a good way

Thank you so much :-)




Gordon Messmer a écrit :
> Norbert Gomes wrote:
>> After some search, I read that I have to configure nss_ldap. But I 
>> don't know how to configure it properly to operate with our LDAP 
>> database.
>>
>> Let me explain :
>>
>> We used the 'ldap filter' parameter like this :
>>      ldap filter = (&(iufmLogin=%u)(gecos=#*))
>>
>
> I think you want to use these settings in ldap.conf:
>
> nss_base_passwd ou=People,dc=example,dc=com?one?gecos=#*
> nss_map_attribute uid iufmLogin
> pam_login_attribute iufmLogin
>
> I'm not sure whether or not pam_login_attribute is strictly required.  
> I'd try with just the first two settings, and leave it at that if 
> things work as you expect.
>
>



More information about the samba mailing list