[Samba] Searching samba ldap without authentication

Rowland Penny rowlandpenny at googlemail.com
Mon Feb 2 07:48:52 MST 2015

On 02/02/15 13:55, Jean-François Morcillo wrote

> Ok, thank you I had seen how to create users, but I missed how to modify
> properties, I'm gonna check this.
> Anyway, any idea why the python script tries to connect to the remote
> AD, while the command line tool only connect to the local AD?

Probably because you are connecting via ldapi, try the ldb-tools 
instead, you can search on the DC without a password, adding or 
modifying requires a password. You may be duplicating the work done on 
samba-tool, I would suggest that you investigate this python tool before 
you go much further, no point in re-inventing the wheel, is there :-)

> You're right :)
> Let say we were late in this area and hope to be up to date very soon.

I hope so, 3.6 is about to EOL when 4.2 comes out.

> Ok, thank you, I'm sorry for the confusion introduced by the old-school
> names, it was the only way for me to express the small difference
> between the machines.

I understand what you mean, but it is better to get into the habit of 
just referring to them as DC's as samba4 can still be setup as an NT4 
PDC. As far as I know, there is no microsoft obsolete policy on samba, 
things are only removed when nobody is using them or are no longer required.


More information about the samba mailing list