[Samba] LDAP issues
Alex Moen
alexm at ndtel.com
Thu Jan 26 08:54:25 MST 2012
Centos 6
Samba 3
smbldap-tools installed.
LDAP directory not on local host.
Example user LDIF:
dn: uid=testuser@mydomain.com,ou=mydomain,o=ndtc
mailHost: mailserver.mydomain.com
loginShell: /bin/bash
gidNumber: 500
uidNumber: 53112
uid: testuser@mydomain.com
sn: user
cn: test user
mail: testuser@mydomain.com
homeDirectory: /cust/mydomain/users/testuser
gecos: test user,,662-6123
objectClass: mirapointmailuser
objectClass: inetorgperson
objectClass: posixAccount
objectClass: shadowAccount
objectClass: sambaSAMAccount
sambaLogonTime: 0
sambaLogoffTime: 2147483647
sambaKickoffTime: 2147483647
sambaPwdCanChange: 0
sambaSID: S-1-5-21-3311107553-3899660464-2674327009-107224
sambaAcctFlags: [UX]
sambaHomeDrive: F:
sambaHomePath: \\ndtc-fs\cust\mydomain\users
sambaPwdLastSet: 1327615956
sambaPwdMustChange: 2147483647
getent passwd shows:
testuser@mydomain.com:x:53112:500:test user,,662-6123:/cust/mydomain/users/testuser:/bin/bash
I can ssh to the server with this account. So, the linux/ldap stuff
seems to work properly.
However, I cannot connect with the smb proto. Continue to get a
username/password prompt.
My suspicion is the "@" in the uid, which as I understand it, in the
windoze world signifies a group... I think I am confusing something in
the process.
My question is: can Samba be configured to append the "@mydomain.com"
to the username, then authenticate the user? So the user could use
the testuser login via the windoze login and drive mapping processes,
but Samba would actually use testuser@mydomain.com to actually
authenticate?
All these accounts are already in use in the LDAP directory, and so
the uid cannot be changed.
lmk if there's anything else needed here... I'm willing to share
configs, command outputs, etc. to get this solved.
TIA!
----------------
Alex Moen
Network Services Technician II
North Dakota Telephone Company
701-662-6481