[Samba] ldap password sync

David Pinkerton David.Pinkerton at planaustralia.com.au
Tue Apr 10 23:25:38 GMT 2007

I'm trying to get ldap/unix password sync working.

Using this config, packet traces show no requests to update userPassword (only the samba passwords)

Can  someone see what I've done wrong?

   workgroup = HOME
   netbios name = DHP

   security = user
   encrypt passwords = yes
   enable privileges = yes

   passdb backend = ldapsam:ldap://
   passwd program = /usr/local/sbin/smbldap-passwd -u %u
   unix password sync = yes

   log file = /var/log/samba/%m.log
   utmp = yes
   max log size = 50
   log level = 1
   syslog = 0

   add user script = /usr/local/sbin/smbldap-useradd -m "%u"
   add machine script = /usr/local/sbin/smbldap-useradd -w "%u"

   add group script = /usr/local/sbin/smbldap-groupadd -p "%g"

   add user to group script = /usr/local/sbin/smbldap-groupmod -m "%u" "%g"
   delete user from group script = /usr/local/sbin/smbldap-groupmod -x "%u" "%g"
   set primary group script = /usr/local/sbin/smbldap-usermod -g "%g" "%u"

   domain logons = yes
   domain master = yes
   os level = 65
   preferred master = yes
   wins support = yes

   ldap admin dn = cn=admin,o=dhp
   ldap passwd sync = yes
   ldap delete dn = yes
   ldap suffix = o=dhp
   ldap machine suffix = ou=machine
   ldap user suffix = ou=staff
   ldap group suffix = ou=group
   ldap idmap suffix = ou=idmap
   idmap uid = 10000-20000
   idmap gid = 10000-20000

The contents of this email may be privileged and confidential, any unauthorised use of the contents is expressly prohibited. If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it, is prohibited and may be unlawful. PLAN Australia is not liable for the proper and complete transmission of the information contained in this communication, nor for any delay in its receipt.

More information about the samba mailing list