[Samba] Samba 3.0.25a idmap_ldap "ldap suffix" used instead of "idmap config <DOMAIN>:ldap_base_dn"

Wolfgang Ratzka ratzka at hrz.uni-marburg.de
Mon Jun 11 16:10:51 GMT 2007 

Hi,

I'm trying to setup a samba domain controler trusting a NT4 domain.
and want to use Idmap information already stored in an LDAP location.
smb.conf snippets are below. I'm not getting this to work. What I see, 
reading log.winbindd-idmap at log level 10 is that search for Idmap 
entries seems to use the "ldap suffix" parameter instead of the
idmap config <DOMAIN>:ldap_base_dn as a search base, i.e.
it starts at ou=Trusting,ou=MyAccounts,o=Universitaet Marburg,c=DE
while it should start at
ou=Idmap,ou=Trusted,ou=MyAccounts,o=Universitaet Marburg,c=DE

Any hints?

regards,
Wolfgang Ratzka

-------------------------------------------
[global]

(...)
   workgroup = TRUSTING
   server string = %h

   security = user
   encrypt passwords = true
   obey pam restrictions = No
   passdb expand explicit = No
   domain logons = Yes
   preferred master = Yes
   os level = 65
   domain master = Yes

   enable privileges = Yes

   logon home =
   logon path =

   passdb backend = ldapsam:ldap://somewhere.uni-marburg.de/
   ldap ssl = start_tls
   ldap admin dn = uid=samba,ou=Access,o=Universitaet Marburg,c=DE
   ldap suffix = ou=Trusting,ou=MyAccounts,o=Universitaet Marburg,c=DE
   ldap group suffix = ou=Groups
   ldap user suffix = ou=People
   ldap machine suffix = ou=Computers

   ldap passwd sync = Yes
   ldap delete dn = Yes


    # Idmap for trusted Domain TRUSTED should come from LDAP
    idmap domains = TRUSTED
    idmap config TRUSTED:backend = ldap
    idmap config TRUSTED:readonly = yes
    idmap config TRUSTED:ldap_base_dn =
        ou=Idmap,ou=Trusted,ou=MyAccounts,o=Universitaet Marburg,c=DE
    idmap config TRUSTED:ldap_user_dn =
        uid=sambaanon,ou=Access,o=Universitaet Marburg,c=DE
    idmap config TRUSTED:ldap_url = ldaps://somewhere.Uni-Marburg.DE/
    idmap config TRUSTED:range   = 80000-90000




-- 
Wolfgang Ratzka  Phone: +49 6421 2823531  FAX: +49 6421 2826994
Uni Marburg,  HRZ, Hans-Meerwein-Str., D-35032 Marburg, Germany

More information about the samba mailing list