[Samba] SAMBA PDC with LDAP backend syncing unix/samba accounts ...

Adam Williams awilliam at mdah.state.ms.us
Wed May 21 15:44:45 GMT 2008 

do the samba accounts already exist in another format such as smbpasswd 
or tdbsam?  if so, use pdbedit -i smbpasswd:/etc/samba/smbpasswd (dunno 
what the command is for tdbsam though)

to have samba and unix passwords changed at the same time, use ldap 
password sync = yes in smb.conf and when a user in windows hits 
ctrl-alt-del and clicks on change password, it will change both at the 
same time.

yogi wrote:
> Hi all ,
>          I'm running Debian Etch . I just finished
> configuring SAMBA
> as PDC to authenticate against LDAP server which works.
> The system in question uses default debian etch packages.
> As My Linix/unix accounts can authenticate against it. The
> LDAP works.
>     I  Used the default shipped smbldap-populate script to
> setup SAMBA.
>        Everything seems to work as Anonymous User or as
> user root.
>
> shark:/etc/samba# smbclient -L shark -N
> Anonymous login successful
> Domain=[LDAPBIOMAX] OS=[Unix] Server=[Samba 3.0.24]
>
>         Share name       Type      Comment
>         ---------       ----      -------
>         netlogon        Disk      Network Logon Service
>         knoppix         Disk
>         IPC$            IPC       IPC Service (Samba Server
> 3.0.24)
> Anonymous login successful
> Domain=[LDAPBIOMAX] OS=[Unix] Server=[Samba 3.0.24]
>
>         Server               Comment
>         ---------            -------
>         SHARK                Samba Server 3.0.24
>
>
>       Now when I try and login as normal user, which i have
> enabled
> with "smbldap-usermod -a  yogesh"
>
> smbldap-usershow yogesh
>
> dn: uid=yogesh,ou=People,dc=biomax,dc=de
> uid: yogesh
> cn: yogesh
> objectClass:
> account,posixAccount,top,shadowAccount,sambaSamAccount
> userPassword: {MD5}.SOMELONGHASH ....
> shadowLastChange: 12900
> shadowMax: 10000
> loginShell: /bin/bash
> uidNumber: 668
> gidNumber: 100
> homeDirectory: /sk-home/yogesh
> sambaPwdLastSet: 0
> sambaLogonTime: 0
> sambaLogoffTime: 2147483647
> sambaKickoffTime: 2147483647
> sambaPwdCanChange: 0
> sambaPwdMustChange: 2147483647
> displayName: System User
> sambaSID: S-1-5-21-4033729970-1053622217-143831336-9886
> sambaAcctFlags: [UX ]
>
> -----
>
> Now when I try and connect I get the following failure .
> shark:/etc/samba# smbclient -L shark -U yogesh
> session setup failed: NT_STATUS_LOGON_FAILURE
>
> After Digging thru the logs I figuered that if I enter
> password using
> "smbldap-password" . It works.
>
> Now my Stupid questions ?
> I already have unix users working of LDAP, How can I
> automate the addition of remaining accounts with SAMBA ?
>
> Also whenever a unix user changes passwd samba password is
> not updated ?
>
> Any pointers will be of great help.
>
> Thanks in advace
> yogesh
>
>
>
>       
>
>

More information about the samba mailing list