[Samba] LDAP auth not working
Mark J. Reed
markjreed at mail.com
Fri May 4 05:24:42 GMT 2007

I'm on OS X running samba 3.0.10. That's what ships with Tiger and
so far I haven't had much luck getting it to compile from source...

I have an LDAP tree set up and working for general UNIX
authentication. Now I'm trying to get SAMBA working as a PDC.

Once I loaded the Samba schema extension, I thought smbpasswd -a would
do the SAMBAfication of a user, but it complained that the user was
not already in objectClass sambaSAMaccount.

So I used ldapmodify to add that objectclass and the required sambaSID
attribute to my user object. I don't know if the value of the latter
is correct - I saw somewhere that it should be the SID of the domain
as returned by net getlocalsid, plus -$UID on the end, so that's what
I used.

Then smbpasswd -a seemed to succeed, but didn't actually create a
sambaNTpassword or sambaLMpassword attribute (though it did create
several other samba* attributes); it just modified userPassword
(presumably because I have ldap password sync enabled). So I
manually added sambaLMpassword and sambaNTpassword. But smbpasswd -a
still didn't touch them. And I can't authenticate with smbclient
running locally.

I tried manually setting the password attributes to {MD4} plus the MD4
hash of my password; that didn't work either.

Any help getting this to work would be appreciated.

--
Mark J. Reed <markjreed at mail.com>
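
An added example, not part of the original post: Samba's sambaNTPassword attribute holds the NT hash (MD4 over the UTF-16LE password) as 32 bare hex digits with no `{scheme}` prefix, and a user's sambaSID is the domain SID followed by a RID. The sketch below computes that hash and checks an entry's attribute formats; `check_entry`, the domain SID and the sample entries are hypothetical, constructed values.

```python
import re
import struct

# MD4 (RFC 1320) in pure Python; hashlib's "md4" is often unavailable with OpenSSL 3.
_ROUNDS = (
    (lambda x, y, z: (x & y) | (~x & z), 0, tuple(range(16)), (3, 7, 11, 19)),
    (lambda x, y, z: (x & y) | (x & z) | (y & z), 0x5A827999,
     (0, 4, 8, 12, 1, 5, 9, 13, 2, 6, 10, 14, 3, 7, 11, 15), (3, 5, 9, 13)),
    (lambda x, y, z: x ^ y ^ z, 0x6ED9EBA1,
     (0, 8, 4, 12, 2, 10, 6, 14, 1, 9, 5, 13, 3, 11, 7, 15), (3, 9, 11, 15)),
)

def md4(data: bytes) -> bytes:
    msg = data + b"\x80" + b"\x00" * ((55 - len(data)) % 64)
    msg += struct.pack("<Q", (len(data) * 8) & 0xFFFFFFFFFFFFFFFF)
    h = [0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476]
    for off in range(0, len(msg), 64):
        x = struct.unpack("<16I", msg[off:off + 64])
        s = list(h)
        for f, const, order, shifts in _ROUNDS:
            for i, k in enumerate(order):
                a, b, c, d = s
                t = (a + f(b, c, d) + x[k] + const) & 0xFFFFFFFF
                n = shifts[i % 4]
                s = [d, ((t << n) | (t >> (32 - n))) & 0xFFFFFFFF, b, c]
        h = [(u + v) & 0xFFFFFFFF for u, v in zip(h, s)]
    return struct.pack("<4I", *h)

def nt_hash(password: str) -> str:
    """Value format of sambaNTPassword: MD4 of the UTF-16LE password, 32 hex digits."""
    return md4(password.encode("utf-16-le")).hex().upper()

def check_entry(entry: dict, domain_sid: str) -> list:
    """Return format problems in a sambaSamAccount entry (keys lower-cased)."""
    problems = []
    if not re.fullmatch(re.escape(domain_sid) + r"-\d+", entry.get("sambasid", "")):
        problems.append("sambasid is not <domain SID>-<RID>")
    # Assumption: the NT hash is treated as required here, the LM hash as optional.
    for attr, required in (("sambantpassword", True), ("sambalmpassword", False)):
        value = entry.get(attr)
        if value is None and not required:
            continue
        if not re.fullmatch(r"[0-9A-Fa-f]{32}", value or ""):
            problems.append(attr + " is missing or not 32 bare hex digits")
    return problems

# Constructed sample values, not taken from the post.
DOMAIN_SID = "S-1-5-21-1111111111-2222222222-3333333333"
bad = {"sambasid": DOMAIN_SID + "-501",
       "sambantpassword": "{MD4}" + nt_hash("password")}
good = dict(bad, sambantpassword=nt_hash("password"))
```

`check_entry(bad, DOMAIN_SID)` reports the prefixed hash, while `check_entry(good, DOMAIN_SID)` returns an empty list.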