[Samba] How Configure Samba4 to use Openldap-Backend?

Andrew Bartlett abartlet at samba.org
Tue Feb 9 22:42:50 MST 2010

On Tue, 2010-02-09 at 14:29 +0100, Chris Fischer wrote:
> I tried to use samba4 (alpha8) with openldap backend and followed the

Alpha8 is getting very old now.  I would suggest you try the current GIT
tree, but some small issues have broken the LDAP backend there.  We
should have those resolved soon, and then that will be your best

Follow https://bugzilla.samba.org/show_bug.cgi?id=7040

> instructions on:
> http://wiki.samba.org/index.php/Samba4/LDAP_Backend/OpenLDAP
> http://wiki.samba.org/index.php/Samba4/HOWTO/Ubuntu_Server_9.04
> and different other sources.
> First try with debian packages, second with self compiled from git.
> The script provision-backend is gone, so I only called provision (realm,
> domain, role, etc ). After modifying the slapd.conf template it run
> successful. In the template were the overlay options missing.

If you had to change the template, then you are probably using an
unsupported version of OpenLDAP.  (We require a very new version to work
around a number of issues and bugs). 

> I can run slapd without errors. But how could I tell samba to use this
> backend?

This is set up automatically by provision, when you give it the correct

> I know the "server service" directive and options like "sam database"
> sam database = ldapi://%2fvar%2flib%2fsamba%2fprivate%2fldap%2fldapi
> server services = smb, rpc, nbt, wrepl, cldap, kdc, drepl, winbind,
> ntp_signd, kcc # But i am not familiar with the meaning of all.

You should not change any of these options.  

> slapd in debug mode shows some action on starting samba4, thats all.
> Is there a need to add connection credentials like "smbpasswd -w"

No, these have been autoconfigured by the provision script. 

> Could someone, who has this configuration running, be so kind to send me
> an example smb.conf

There is nothing special in the smb.conf.  Instead, the provision script
embeds the right information in the sam.ldb database itself. 

Andrew Bartlett

Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Cisco Inc.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 190 bytes
Desc: This is a digitally signed message part
URL: <http://lists.samba.org/pipermail/samba/attachments/20100210/9ce5d44b/attachment.pgp>

More information about the samba mailing list