[Samba] Re: Domain member against Samba+LDAP server configuration problem

[Javier Barroso]

Hi people again (sorry if this email arrives two time into your inbox,
robomod at news.nic.it sent me a message about it was refused),

I solved my problem:

I added to my smb.conf:
ldap admin dn = cn=admin,dc=DOMAINNAME,dc=com
allow trusted domains = No

And I had to execute smbpasswd -w SECRET

Why domain member need ldap secret after it was joined to domain ?

Thanks you !

On 6/28/06, Javier Barroso <javibarroso at gmail.com> wrote:
>
> Hi people,
>
> I have a problem with my configuration. I'd like my debian box was client
> of a Domain (Samba+LDAP)
>
> my smb.conf is:
> [global]
>   security = domain
>   workgroup = DOMAIN_NAME
>   netbios name = MYCOMPUTER
>    log level = 3 auth:10 winbind:10
>    idmap backend = ldap:ldap://xxx.xxx.xx.xxx
>    ldap suffix = dc=DOMAIN_NAME,dc=com
>    ldap idmap suffix = ou=Idmap
>    idmap uid = 10000-20000
>    idmap gid = 10000-20000
>    template shell = /bin/bash
>
>
> When I execute:
>
> # getent passwd DOMAIN\\myuser
>
> it returns a empty result.
>
> When I comment idmap backend = ldap:ldap://xxx.xxx.xx.xx directive, and
> restart the services , it work fine and return my user with a uid between
> 10000 and 20000
> I would like uid was get from last number of sambaSID attribute on ldap
> tree
>
> The same happens with groups.
>
> I had read
> http://samba.org/samba/docs/man/Samba-HOWTO-Collection/idmapper.html#id2577138, but it use security = ads when it put 'idmap backend' directive on the
> configuration.
>
> Thank you !
>
>
>