[Samba] Samba as PDC+OpenLDAP: unique login?

Proskurin Kirill k.proskurin at fxclub.org
Wed Oct 8 14:39:09 GMT 2008

Joao Amancio wrote:
>    1. There is a way to populate Samba (users, groups) with the OpenLDAP
>    base?
1) smbldap-tools
2) lam
>    2. It's really needed to get users at: linux local system, samba and
>    openldap? Where's is the "single sign on" idea in this case?
No need.
Im use only LDAP users.

Its makes via "nss_ldap" program and editing your nsswitch.conf to work 
with ldap.

That is how it work on my PDC:

%cat /etc/nsswitch.conf
group: files ldap
hosts: files dns
networks: files
passwd: files ldap
shadow: files ldap
shells: files

grep -v # /usr/local/etc/nss_ldap.conf | egrep -v '^$'
base ou=Samba,dc=domain,dc=org
ldap_version 3
binddn cn=root,dc=domain,dc=org
bindpw secret
rootbinddn cn=root,dc=domain,dc=org
port 389
scope one
timelimit 30
bind_timelimit 30
bind_policy soft
nss_connect_policy persist
idle_timelimit 3600
nss_paged_results yes
pagesize 1000
pam_login_attribute uid
pam_password crypt
nss_base_group  ou=Groups,ou=Samba,dc=domain,dc=org?one
nss_base_passwd ou=Users,ou=Samba,dc=domain,dc=org?one
nss_base_passwd ou=Computers,ou=Samba,dc=domain,dc=org?one
nss_base_hosts  ou=Computers,ou=Samba,dc=domain,dc=org?one
nss_base_shadow ou=Users,ou=Samba,dc=domain,dc=org?one

Best regards,
Proskurin Kirill

More information about the samba mailing list