[Samba] Re: Domain member against Samba+LDAP server configuration
problem
Javier Barroso
javibarroso at gmail.com
Wed Jun 28 14:36:20 GMT 2006
Hi people again (sorry if this email arrives two time into your inbox,
robomod at news.nic.it sent me a message about it was refused),
I solved my problem:
I added to my smb.conf:
ldap admin dn = cn=admin,dc=DOMAINNAME,dc=com
allow trusted domains = No
And I had to execute smbpasswd -w SECRET
Why domain member need ldap secret after it was joined to domain ?
Thanks you !
On 6/28/06, Javier Barroso <javibarroso at gmail.com> wrote:
>
> Hi people,
>
> I have a problem with my configuration. I'd like my debian box was client
> of a Domain (Samba+LDAP)
>
> my smb.conf is:
> [global]
> security = domain
> workgroup = DOMAIN_NAME
> netbios name = MYCOMPUTER
> log level = 3 auth:10 winbind:10
> idmap backend = ldap:ldap://xxx.xxx.xx.xxx
> ldap suffix = dc=DOMAIN_NAME,dc=com
> ldap idmap suffix = ou=Idmap
> idmap uid = 10000-20000
> idmap gid = 10000-20000
> template shell = /bin/bash
>
>
> When I execute:
>
> # getent passwd DOMAIN\\myuser
>
> it returns a empty result.
>
> When I comment idmap backend = ldap:ldap://xxx.xxx.xx.xx directive, and
> restart the services , it work fine and return my user with a uid between
> 10000 and 20000
> I would like uid was get from last number of sambaSID attribute on ldap
> tree
>
> The same happens with groups.
>
> I had read
> http://samba.org/samba/docs/man/Samba-HOWTO-Collection/idmapper.html#id2577138, but it use security = ads when it put 'idmap backend' directive on the
> configuration.
>
> Thank you !
>
>
>
More information about the samba
mailing list