[Samba] use of pam_filter with LDAP

Bjoern Tore Sund bjorn.sund at it.uib.no
Wed Nov 7 08:20:03 GMT 2007

Norbert Gomes wrote:

> OK thank you for your answser. I am a bit confused with nss, pam and the 
> Samba authentication mechanism...
> Actually I would like to add filters for authentication of users with 
> Samba and LDAP :
> With our production servers I use the 'ldap filter = (MY_FILTERs)' 
> option in smb.conf (samba-3.0.11) but this option has been removed in 
> the recent releases. Now I want to upgrade samba and I would like to use 
> the same filters with the samba-3.0.26a.
> I read that it was in the ldap.conf file but I don't know how to use it...
> If anyone can give me a clue...

The following lines from my ldap.conf might be helpful:
nss_base_passwd ou=People,dc=Mumle,dc=no??uidNumber>=100
nss_base_shadow ou=People,dc=Mumble,dc=no??uidNumber>=100
nss_base_group  ou=group,dc=Mumble,dc=no??gidNumber>=100

'man nss_ldap' should help you get head and tail on what these lines do 
and how you can adapt them to your own use.

Bjørn Tore Sund       Phone: 555-84894   Email:   bjorn.sund at it.uib.no
IT department         VIP:   81724       Support: http://bs.uib.no
Univ. of Bergen

When in fear and when in doubt, run in circles, scream and shout.

More information about the samba mailing list