[Samba] Samba PDC on a read-only (and not configurable) LDAP server

Matteo Rosati rosati.matteo at gmail.com
Wed May 23 15:31:03 GMT 2007

hi everybody,
after an enormous amount of googling (even in the samba mailing list archive)
i decided to subscribe to this ML since i can't find any solution to
my problems.
here is the situation.
i work in a university and here we have a laboratory with more or
less 20 windows XP computers. our server is equipped with slackware 9
and samba 3.0.1 (working as a PDC).
users are stored *locally* in the /etc/smbpasswd file, and this
password file is synchronized once a week with a file provided by
secretariat, and a perl script, so every week we have reliable
information about our students.
now, we want to change this system (obsolete), and the central
administration has given us the possibility to connect via LDAP to
their databases.
we CANNOT modify the ldap entries and the configuration files, and we
cannot insert the samba schemas into the ldap. in other words, we
cannot touch in any way the ldap server. we only have full access to
our server with samba, and we would like to connect to ldap so our
users can do the login.

do you have any suggestions?
i am going crazy, i have no more ideas...

some details:

here is a sample output of ldapsearch:

# ldapsearch -LLL -h host.university.it -x -b ou=Studenti,ou=Account,o=unive.it

dn: ou=Studenti, ou=Account, o=unive.it
ou: Studenti
objectClass: top
objectClass: organizationalUnit

dn: uid=000114,ou=Studenti,ou=Account,o=unive.it
objectClass: top
objectClass: inetOrgPerson
objectClass: posixAccount
uid: 000114
gidNumber: 503
homeDirectory: /home/000114
uidNumber: 4800114
loginShell: /bin/bash
ou: 11
departmentNumber: F08


as you can see, the password is not visible...

(and sorry for my horrible english)

Matteo Rosati
Web: http://wwwstud.dsi.unive.it/~mrosati
PGP: http://wwwstud.dsi.unive.it/~mrosati/pgp.html
GNU/Linux registered user #398557

