[Samba] objectClass:posixAccount missing
steve
steve at steve-ss.com
Wed Aug 28 12:11:07 MDT 2013
On Wed, 2013-08-28 at 19:15 +0200, Luca Olivetti wrote:
> Al 28/08/13 13:43, En/na steve ha escrit:
>
> >>
> >> 0.8.12 is not recent enough and those filters are needed.
> >
> > I'll try 0.8.12 later but I doubt it will have changed:
>
> I have 0.8.12
>
> $ rpm -q nss-pam-ldapd
> nss-pam-ldapd-0.8.12-3.mga3
>
> With the filter (aimaretti is a migrated user, pruebaunix is a new user)
>
> $ id aimaretti
> uid=1234(aimaretti) gid=513(Domain Users) grups=513(Domain
> Users),675(intranet),676(portal),507(devel)
> $ id pruebaunix
> uid=10069(pruebaunix) gid=513(Domain Users) grups=513(Domain
> Users),496(vcsa),675(intranet)
>
>
> Without the filter
>
>
> $ id aimaretti
> uid=1234(aimaretti) gid=513(Domain Users) grups=513(Domain
> Users),675(intranet),676(portal),507(devel)
> $ id pruebaunix
> id: pruebaunix: l’usuari no existeix
> $ LC_ALL=en id pruebaunix
> id: pruebaunix: no such user
>
> Do you think it's because I have specified a binddn and a bindpw?
Hi
Without objectClass: posixAccount
you need the filter for nslcd.
IOW, for AD, you either must add it yourself or use the nslcd filter.
Windows does not need the objectClass. nslcd does unless you want to
filter everything.
HTH
Steve
More information about the samba
mailing list