[Samba] multiple domains/ ldap /smbldap_search function/pdbedit/
Marcin Giedz
marcin.giedz at altvision.pl
Tue Jun 27 11:25:06 GMT 2006
Didier Roques napisał(a):
> Hi all,
>
Hello,
> I use samba 3.0.20
>
> the ldap paramaters into the smb.conf are:
> passdb backend = ldapsam:ldap://localhost smbpasswd guest
> ldap suffix = dc=univ,dc=fr
> ldap machine suffix = ou=Hosts
> ldap user suffix = ou=People
> ldap group suffix = ou=Group
> ldap idmap suffix = ou=Idmap
>
> Into my ldap tree i've got 3 domains samba defined
> some uid exists into 2 of 3 domains
>
I also have more than 3 domains in my LDAP ... but it works great!!!
> (toto01 exists twice but into two differents domains)
> If i use pdbedit -L -v -d 10 toto01 i've got the following thing:
>
> smbldap_search_ext: base => [dc=univ,dc=fr], filter =>
> [(&(uid=toto01)(objectclass=sambaSamAccount))], scope => [2]
> ldapsam_getsampwnam: Duplicate entries for this user [toto01] Failing.
> count=2
>
How are the domains organized? According to your information it seems
that dc=univ,dc=fr is a base for all 3 domains - am I right? In such
case the message you get is NORMAL. Shouldn't it be like this:
1) ou=People,ou=domain1,dc=univ,dc=fr
2) ou=People,ou=domain2,dc=univ,dc=fr
3) ou=People,ou=domain3,dc=univ,dc=fr?
But then your samba ldap suffix should be:
ldap suffix = ou=domainx,dc=univ,dc=fr
> Why the smbldap_search_ext doesn't search uid only in the
> ou=People,dc=univ,dc=fr branch
>
> the filter returned by the smbldap_search_ext seems to be
> [(&(uid=toto01)(objectclass=sambaSamAccount))
>
> How to force smb to search only the uid into the branch defined by the
> ldap parameters (ou=People,dc=univ,dc=fr) ?
> thanks a lot
>
Hope this helps you ;)
Regards,
Marcin
>
>
>
>
>
More information about the samba
mailing list