[Samba] SMB+LDAP

Frans Lanting - IT Admin itadmin at lanting.com
Tue Aug 7 15:37:25 MDT 2012


Hi Folks,

A couple of questions about making SMB (3 or 4) authenticate to an
external (anonymous) LDAP server:

1) A typical LDAP user record is below. Is there anything lacking in
this record that would prevent Samba from authenticating against our
LDAP server? Note the sambaSID is as is, gobbledygook info:


dsAttrTypeNative:eduPersonAffiliation: Employee Member
dsAttrTypeNative:givenName: David
dsAttrTypeNative:homeDirectory: /afs/cats.csux.edu/users/t/dsixpack
dsAttrTypeNative:mail: dsixpack at csux.edu
dsAttrTypeNative:objectClass: posixAccount organizationalPerson
csuxPerson top sambaSamAccount person inetOrgPerson csuxMain eduPerson
dsAttrTypeNative:sambaSID: S-1-5-21-XXXXXXXXXX-XXXXXXXXXX-XXXXXXXXXX
dsAttrTypeNative:sn: Sixpack
dsAttrTypeNative:csuxPersonGuID: G000242316
AppleMetaNodeLocation: /LDAPv3/ldap-99.soe.csux.edu
AppleMetaRecordName: uid=dsixpack,ou=People,dc=crm,dc=csux,dc=edu
NFSHomeDirectory: /Users/dsixpack
Password: ********
PrimaryGroupID: 100002
RealName:
 David Sixpack
RecordName: dsixpack
RecordType: dsRecTypeStandard:Users
UniqueID: 9239
UserShell: /bin/bash

2) Regarding the "sudo smbpasswd -w secret" step, does this smb user
need to exist in our LDAP or that local to the machine running the SMB
daemon? I wasn't clear on how this step in the process is supposed to
work.

3) Is the "ldap admin dn =" also required?

Note we have read-only access to our LDAP server, though a record
could be created for us if absolutely needed.

Any help or ideas MUCH appreciated! Thanks!

David

