[Samba] [samba4] How to use my ldap users in sam.ldb?

Ced T samba-inist at inist.fr
Tue Sep 4 02:17:27 MDT 2012


Hi
I successfully compiled samba4 on my ubuntu.
Actually, most of our Linux servers are using an openldap base to authenticate.
All the samba 3 servers use this openldap base:

passdb backend = ldapsam:ldaps://ldap.intra.labo.fr/ (in the smb.conf)

I tried to migrate the user accounts of my openldap database to the internal
samba4 ldap database.
For this I used the myldap-pub.py script with this command line:

./myldap-pub.py --ldap_uri=ldap://ldap-server.labo.fr \
--ldap_binddn="cn=admin,ou=administrateur,dc=labo,dc=fr" \
--ldap_bindpwd="password" \
--output_basedn="dc=labo,dc=fr" \
--input_domain_name="DOMAIN" \
--input_basedn="dc=labo,dc=fr" \
--import_accounts=Users \
--output_users_ou="ou=People" \
--remove_input_attributes="a lot of useless attributes"

and it successfully worked.

This command line:

./ldbsearch -H /usr/local/samba/private/sam.ldb '(objectClass=user)'

shows me the exported records of the openldap database.

But I'm unable to use these new records.
The command line:

/usr/local/samba/bin/wbinfo -u

returns :

Administrator
Guest
krbtgt
dns-ubvmware
onetestuser

Same problem with pdbedit:

/usr/local/samba/bin/pdbedit -L
[sudo] password for tintanet:
UBVMWARE$:4294967295:
Administrator:4294967295:
dns-ubvmware:4294967295:
onetestuser:1000:
krbtgt:4294967295:
nobody:65534:nobody


How can I configure samba4 to use the new exported records from my
openldap database to authenticate?

Here is my smb.conf

# Global parameters
[global]
        workgroup = DOMAIN
        realm = LABO.FR
        netbios name = UBVMWARE
        server role = active directory domain controller
        passdb backend = samba4
        server services = +smb -s3fs
        dcerpc endpoint servers = +winreg +srvsvc

[netlogon]
        path = /usr/local/samba/var/locks/sysvol/labo.fr/scripts
        read only = No

[sysvol]
        path = /usr/local/samba/var/locks/sysvol
        read only = No
[homes]
   comment = Home Directories
   browseable = no
   read only = no
   create mask = 0744
   create mode = 0744
   directory mask = 0755
   directory mode = 0755

[seeida]
   ntvfs handler = cifs
   cifs:server = 10.0.2.5
   cifs:share = see
   cifs:domain = DOMAIN

Thanks in advance for your help

Ced T