[Samba] samba with customized ldap backend
L.P.H. van Belle
belle at bazuin.nl
Wed Oct 12 10:17:34 UTC 2016
Your error.
> > dn: uid=102220,ou=User,dc=example,dc=com
> > uid: 102220
> > username: test1
Samba normaly set uid=Username and not the uidNumber
First find why you have uid=Number and not uid=Username.
Greetz,
Louis
> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens Arun Gupta via
> samba
> Verzonden: woensdag 12 oktober 2016 11:56
> Aan: mathias dufresne
> CC: samba
> Onderwerp: Re: [Samba] samba with customized ldap backend
>
>
> Sir,
>
>
> No AD, that's some NT4 domain.
> Yes, it has no AD
>
> - No Winbind because Winbind is using samacccountname as user login and
> not UID.
> --> Not configured
>
> > - Issue happens on Linux or UNIX clients.
> On both client
>
>
> I am using sssd and pam_ldap for user retrival and modified
> pam_login_attribute (pam_ldap.conf file) to username instead of uid (by
> default value) so I am very well able to authenticate with many services
> like ssh, smtp
> auth etc but in sabma case it is trying to contact uid='numeric value'
> instead of username=test1.
>
> I think somewhere in configuration, we may define username attribute
> instead of uid which is samba configured.
>
> Regards,
> Arun
>
>
>
>
> On Wed, 12 Oct 2016, mathias dufresne wrote:
>
> > I have to assume much, I'll try. So...
> > - No AD, that's some NT4 domain.
> > - No Winbind because Winbind is using samacccountname as user login and
> not UID.
> > - Issue happens on Linux or UNIX clients.
> >
> >
> > The question is what tool (SSSD, pam_ldap / nss_ldap, nslcd...) are you
> using to retrieve information from LDAP to forge users on system side.
> >
> > Once you get an answer to this previous question check how to configure
> that tool to tell it that uid is uid and login. Most of them can do that.
> >
> > 2016-10-12 7:30 GMT+02:00 Arun Gupta via samba <samba at lists.samba.org>:
> > Sir,
> >
> > Please help me out
> >
> > Regards,
> > Arun
> >
> > On Tue, 4 Oct 2016, Arun Gupta wrote:
> >
> > Dear All,
> >
> > I have configured ldap with uid='some numeric' instead of
> uid=username
> >
> > like that;
> >
> > dn: uid=102220,ou=User,dc=example,dc=com
> > uid: 102220
> > username: test1
> > cn: Test Account
> > objectClass: inetOrgPerson
> > objectClass: posixAccount
> > objectClass: top
> > objectClass: shadowAccount
> > objectClass: sambaSamAccount
> > mail: test1 at cdac.in
> > shadowLastChange: 15587
> > loginShell: /bin/bash
> > uidNumber: 5345
> > gidNumber: 5345
> > homeDirectory: /home/test1
> > userPassword: {SSHA256}v7vlA8YYjJ27IbPQQa8eaChdHFcnw==
> > sambaPwdLastSet: 1473165911
> > sambaLMPassword: 7e58f6a33f8b3ef68ef354180a3a1da7
> > sambaSID: S-1-5-21-4079184197-2446238136-3299756537-1008
> > sambaAcctFlags: [UX ]
> > sambaNTPassword: 0242A7FEC5CD294F916925766089E573
> >
> >
> > when I configured samba with ldap backend then samba is not
> able to get user information (because samba always search attribute
> > uid=numeric), but when I replace uid=username (uid=test1
> instead of uid=102220) it works and authenticate successful.
> >
> > As I have 3000+ users in ldap and it is not possible to
> change to all user settings, request to you kindly give me some clue to
> find out
> > the solution, I will highly obliged for the same.
> >
> >
> >
> >
> > ------------------------------------------------------------------------
> -------------------------------------------------------
> > [ C-DAC is on Social-Media too. Kindly follow us at:
> > Facebook: https://www.facebook.com/CDACINDIA & Twitter: @cdacindia ]
> >
> > This e-mail is for the sole use of the intended recipient(s) and may
> > contain confidential and privileged information. If you are not the
> > intended recipient, please contact the sender by reply e-mail and
> destroy
> > all copies and the original message. Any unauthorized review, use,
> > disclosure, dissemination, forwarding, printing or copying of this email
> > is strictly prohibited and appropriate legal action will be taken.
> > ------------------------------------------------------------------------
> -------------------------------------------------------
> >
> >
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions: https://lists.samba.org/mailman/options/samba
> >
> >
> >
> >
>
> --
>
> Thanks & Regards,
>
> Arun Kumar Gupta
> Mail Administrator
> HPC Infrastructure and Ecosystem Group
> Centre for Development of Advanced Computing
> Savitribai Phule Pune University Campus
> PUNE-Maharastra
> Phone : +91-20-25704347
> WEB : http://www.cdac.in/
>
> --------------------------------------------------------------------------
> -----------------------------------------------------
> [ C-DAC is on Social-Media too. Kindly follow us at:
> Facebook: https://www.facebook.com/CDACINDIA & Twitter: @cdacindia ]
>
> This e-mail is for the sole use of the intended recipient(s) and may
> contain confidential and privileged information. If you are not the
> intended recipient, please contact the sender by reply e-mail and destroy
> all copies and the original message. Any unauthorized review, use,
> disclosure, dissemination, forwarding, printing or copying of this email
> is strictly prohibited and appropriate legal action will be taken.
> --------------------------------------------------------------------------
> -----------------------------------------------------
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
More information about the samba
mailing list