RE [Samba] samba & ldap how work group ?

franck dufau franckdufau at free.fr
Mon Dec 1 14:52:20 GMT 2008 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

YES posixAccount is in my ldap tree !

perhaps everything is ok in fact !

i need to find a doc for ACL...!!!

my pb is all user i create are in group : Domain Users

i want to add an new/other group for an user

can a user be in many group in ldap ?

i don't know how to do this !

cordialement

Franck Dufau

Stéphane PURNELLE wrote:
> Have you posixAccount objectclass in your ldap tree?
> 
> If getent work fine, you can set ACL on group same as you want.
> 
> Is secure if users cannot connect to samba PDC.
> 
> 
> -----------------------------------
> Stéphane PURNELLE                         stephane.purnelle at corman.be
> Service Informatique       Corman S.A.           Tel : 00 32 087/342467
> 
> 
> 
> franck dufau <franckdufau at free.fr> 
> 01/12/2008 15:22
> 
> A
> Stéphane PURNELLE <stephane.purnelle at corman.be>
> cc
> samba at lists.samba.org
> Objet
> Re: RE [Samba] samba & ldap how work group ?
> 
> 
> 
> 
> 
> 
> hye tks for answer,
> 
> libnss-ldap.conf & libpam-ldap are installed...
> 
> actualy i have modifie libnss-ldap.conf like this :
> 
> host 127.0.0.1
> base dc=domaine,dc=local
> uri ldap://127.0.0.1
> rootbinddn cn=admin,dc=domaine,dc=local
> bind_policy soft
> 
> and pam_ldap.conf like this :
> 
> host 127.0.0.1
> base dc=domaine,dc=local
> uri ldap://127.0.0.1/
> 
> i have modifie too nsswitch.conf like this :
> 
> passwd:          compat          ldap
> group:           compat          ldap
> shadow: compat           ldap
> 
> like this win station can use samba pdc with ldap authentification
> but on the pdc samba server users of domaine can NOT logging !!
> 
> ldap users are not recognized !
> 
> BUT when i do as root getent passwd result looks like OK with my users
> from domaine !?!
> 
> What's wrong ?
> 
> many tanks for time and help...
> 
> Cordialement
> 
> Franck Dufau
> 
> Stéphane PURNELLE wrote:
>> You must configure nss_ldad and pam_ldap.
> 
>> And Linux will see accounts and groups in your ldap tree same as 
>> /etc/group .
> 
>> Bien à vous
> 
> 
>> -----------------------------------
>> Stéphane PURNELLE                         stephane.purnelle at corman.be
>> Service Informatique       Corman S.A.           Tel : 00 32 087/342467
> 
>> samba-bounces+stephane.purnelle=corman.be at lists.samba.org a écrit sur 
>> 01/12/2008 14:43:44 :
> 
>> Hye all,
> 
>> i have install samba as PDC with openldap authentification everything
>> work fine.
> 
>> But i want to create différent group with différent privileges on folder
> 
>> How gestion of group work with Openldap authentification because users
>> are not in /etc/passwd and domain group are not in /etc/group !?
> 
>> I don't find information about this...
> 
>> can you help me ?
> 
>> cordialement
> 
>> Franck Dufau
> 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkkz+hwACgkQrKIazktK/hJARACfS6HZUu83yVCPPZDskkdDOz7w
8WoAnjHbpWCf8W0tKcEqI5BX2lAM7h3P
=oA1T
-----END PGP SIGNATURE-----

More information about the samba mailing list