[Samba] Cannot bind to AD using nslcd
Min Wai Chan
dcmwai at gmail.com
Wed Nov 19 10:48:28 MST 2014
you should be using this.
if you are using ldap and not Kerbos
pagesize 1000
referrals off
idle_timelimit 800
filter passwd (&(objectClass=user)(!(objectClass=computer))(uidNumber=*)(unixHomeDirectory=*))
map passwd uid sAMAccountName
map passwd homeDirectory unixHomeDirectory
map passwd gecos displayName
filter shadow (&(objectClass=user)(!(objectClass=computer))(uidNumber=*)(unixHomeDirectory=*))
map shadow uid sAMAccountName
map shadow shadowLastChange pwdLastSet
filter group (objectClass=group)
On Thu, Nov 20, 2014 at 1:45 AM, Rob Mason <rob.mason at acasta.co.uk> wrote:
> A little further forward! I've re-provisioned the domain and re-created
> the new 'nslcd-connect' user just to be sure.
>
> 'binddn' is now working - but is complaining about 'uidNumber'. I think
> this is now just a mapping issue. Anyone??
>
> nslcd: [495cff] <passwd(all)> DEBUG:
> myldap_search(base="CN=Users,DC=acasta,DC=intra",
> filter="(objectClass=user)")
> nslcd: [495cff] <passwd(all)> DEBUG: ldap_result():
> CN=Administrator,CN=Users,DC=acasta,DC=intra
> nslcd: [495cff] <passwd(all)>
> CN=Administrator,CN=Users,DC=acasta,DC=intra: uidNumber: missing
> nslcd: [495cff] <passwd(all)> DEBUG: ldap_result():
> CN=nslcd-connect,CN=Users,DC=acasta,DC=intra
> nslcd: [495cff] <passwd(all)>
> CN=nslcd-connect,CN=Users,DC=acasta,DC=intra: uidNumber: missing
> nslcd: [495cff] <passwd(all)> DEBUG: ldap_result():
> CN=krbtgt,CN=Users,DC=acasta,DC=intra
> nslcd: [495cff] <passwd(all)> CN=krbtgt,CN=Users,DC=acasta,DC=intra:
> uidNumber: missing
> nslcd: [495cff] <passwd(all)> DEBUG: ldap_result():
> CN=Guest,CN=Users,DC=acasta,DC=intra
> nslcd: [495cff] <passwd(all)> CN=Guest,CN=Users,DC=acasta,DC=intra:
> uidNumber: missing
> nslcd: [495cff] <passwd(all)> DEBUG: ldap_result(): end of results (4
> total)
>
> The full nslcd.conf is here:
>
> uid nslcd
> gid nslcd
> uri ldap://kepler.acasta.intra/
> base CN=Users,DC=acasta,DC=intra
> binddn CN=nslcd-connect,CN=Users,DC=acasta,DC=intra
> bindpw xxxxxxxx
> pagesize 1000
> referrals off
> filter passwd (objectClass=user)
> filter group (objectClass=group)
> map passwd uid sAMAccountName
> map passwd homeDirectory unixHomeDirectory
> map passwd gecos displayName
> map passwd gidNumber primaryGroupID
> map passwd uidNumber uidNumber
> #map group uniqueMember member
>
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
More information about the samba
mailing list