[Samba] Persistent error in documentation
Miguel Medalha
miguelmedalha at sapo.pt
Sun Mar 14 10:18:54 MDT 2010
The book "Samba 3 By Example", under section "5.4.5 LDAP Initialization
and Creation of User and Group Accounts", contains the following statement:
«
The configuration file for the |nss_ldap| library is the file
|/etc/ldap.conf| that provides only one possible LDAP search command
that is specified by the entry called |nss_base_passwd|. This means that
the search path must take into account the directory structure so that
the LDAP search will commence at a level that is above both the
Computers container and the Users (or People) container. If this is
done, it is necessary to use a search that will descend the directory
tree so that the machine account can be found. Alternatively, by placing
all machine accounts in the People container, we are able to sidestep
this limitation. This is the simpler solution that has been adopted in
this chapter.
»
It probably was once true but it is simply not true nowadays. It is
possible to have multiple entries for "nss_base_passwd", as it is
correctly stated in section "5.3.1.7.4 Debugging NSS_LDAP", at the end
of point 1:
«
The appropriate multiple entry for the nss_base_passwd directive in the
/etc/ldap.conf file may be:
nss_base_passwd ou=People,ou=Users,dc=abmas,dc=org?one
nss_base_passwd ou=Computers,ou=Users,dc=abmas,dc=org?one
»
Will the developers please correct this contradiction in the coming
editions of the documents?
Thank you!
More information about the samba
mailing list