[Samba] ldap interface authentication

Frank Gruman fgatwork at verizon.net
Thu Jan 10 00:41:19 GMT 2008


On Wed, 2008-01-09 at 06:26 -0800, Deas, Jim wrote:
> What specific ldap config files are used by samba when it's used as the
> backend db?
> 
> I have followed the FDC Howto and setup the ldap data on a dedicated FDC
> server. From the samba machine I have been able to do 'ldapsearch -x  -D
> "cn=dirmng" -W *' for all the sambaSam information. I have added the
> ldap data to smb.conf and set the passwd for the admin account.
> 
> What appears to happen to me is that my ldap server is setup for simple
> authentication only while it looks like smb is not. How can I specify
> smb use simple authentication?
> 
>  

Try using 'ldap ssl = off' in your smb.conf.  According to the man page
(man smb.conf)
        "The ldap ssl can be set to one of three values:
        
                     ·  Off = Never use SSL when querying the directory.
        
                     ·  Start_tls  =  Use  the  LDAPv3  StartTLS
        extended   operation
                        (RFC2830) for communicating with the directory
        server.
        
                     ·  On  =  Use  SSL  on  the  ldaps  port when
        contacting the ldap
                        server. Only available when the
        backwards-compatiblity --with-
                        ldapsam  option  is specified to configure. See
        passdb backend
                                  .RE
        
                        Default: ldap ssl = start_tls"

Hope that helps.

Regards,
Frank




More information about the samba mailing list