RE [Samba] samba & ldap how work group ?

Stéphane PURNELLE stephane.purnelle at corman.be
Mon Dec 1 14:29:31 GMT 2008 

Have you posixAccount objectclass in your ldap tree?

If getent work fine, you can set ACL on group same as you want.

Is secure if users cannot connect to samba PDC.


-----------------------------------
Stéphane PURNELLE                         stephane.purnelle at corman.be
Service Informatique       Corman S.A.           Tel : 00 32 087/342467



franck dufau <franckdufau at free.fr> 
01/12/2008 15:22

A
Stéphane PURNELLE <stephane.purnelle at corman.be>
cc
samba at lists.samba.org
Objet
Re: RE [Samba] samba & ldap how work group ?






-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

hye tks for answer,

libnss-ldap.conf & libpam-ldap are installed...

actualy i have modifie libnss-ldap.conf like this :

host 127.0.0.1
base dc=domaine,dc=local
uri ldap://127.0.0.1
rootbinddn cn=admin,dc=domaine,dc=local
bind_policy soft

and pam_ldap.conf like this :

host 127.0.0.1
base dc=domaine,dc=local
uri ldap://127.0.0.1/

i have modifie too nsswitch.conf like this :

passwd:          compat          ldap
group:           compat          ldap
shadow: compat           ldap

like this win station can use samba pdc with ldap authentification
but on the pdc samba server users of domaine can NOT logging !!

ldap users are not recognized !

BUT when i do as root getent passwd result looks like OK with my users
from domaine !?!

What's wrong ?

many tanks for time and help...

Cordialement

Franck Dufau

Stéphane PURNELLE wrote:
> You must configure nss_ldad and pam_ldap.
> 
> And Linux will see accounts and groups in your ldap tree same as 
> /etc/group .
> 
> Bien à vous
> 
> 
> -----------------------------------
> Stéphane PURNELLE                         stephane.purnelle at corman.be
> Service Informatique       Corman S.A.           Tel : 00 32 087/342467
> 
> samba-bounces+stephane.purnelle=corman.be at lists.samba.org a écrit sur 
> 01/12/2008 14:43:44 :
> 
> Hye all,
> 
> i have install samba as PDC with openldap authentification everything
> work fine.
> 
> But i want to create différent group with différent privileges on folder
> 
> How gestion of group work with Openldap authentification because users
> are not in /etc/passwd and domain group are not in /etc/group !?
> 
> I don't find information about this...
> 
> can you help me ?
> 
> cordialement
> 
> Franck Dufau
> 
- --
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkkz8fkACgkQrKIazktK/hLxVACdFpZVCQEeMCvcx+nLq1gKFg1p
oKoAn2QNxKcTNrTipUekGoIZW2KiZFMV
=s5FS
-----END PGP SIGNATURE-----

More information about the samba mailing list