Hi How can I config and use idmap (LDAP), I add my idmap on Ldap is ou=idmap,dc=xxxx,dc=net (objectcalss=organizationUnis,top) and smb.conf is ;idmap backend = ldapsam://xxx.xx.xx.xx:389 ; this ldapsam it can't start winbind idmap backend = ldap:ldap//xxx.xx.xx.xxx:389 ;idmap backend = ldap://rod ldap idmap suffix = ou=idmap,dc=xxx,dc=net log.winbind [2003/09/04 10:51:11, 1] nsswitch/winbindd.c:main(832) winbindd version 3.0.0rc2 started. Copyright The Samba Team 2000-2003 [2003/09/04 10:51:11, 0] lib/smbldap.c:smbldap_open_connection(532) ldap_initialize: Time limit exceeded [2003/09/04 10:51:11, 1] lib/smbldap.c:smbldap_retry_open(890) Connection to LDAP Server failed for the 1 try! [2003/09/04 10:51:12, 1] nsswitch/winbindd_util.c:add_trusted_domain(142) Added domain XXX ..... how can I config to use idmap??? --Nus _________________________________________________________________ Help STOP SPAM with the new MSN 8 and get 2 months FREE* http://join.msn.com/?page=features/junkmail
hi, On Thu, Sep 04, 2003 at 03:57:58AM +0000, Mimic Mimicmike wrote:> Hi > How can I config and use idmap (LDAP), > I add my idmap on Ldap is ou=idmap,dc=xxxx,dc=net > (objectcalss=organizationUnis,top) > and smb.conf is > > ;idmap backend = ldapsam://xxx.xx.xx.xx:389 ; this ldapsam it can't > start winbind > idmap backend = ldap:ldap//xxx.xx.xx.xxx:389this is fixed in the CVS-documentation> how can I config to use idmap???you need to configure an admin dn: ldap admin dn = cn=manager,o=yourorg,c=de and set a password with smbpasswd -w secret bye, guenther -- Guenther Deschner guenther.deschner@suse.de SuSE Linux AG GnuPG: 8EE11688 Berliner Str. 27 phone: +49 (0) 30 / 430944778 D-13507 Berlin fax: +49 (0) 30 / 43732804 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 198 bytes Desc: not available Url : http://lists.samba.org/archive/samba/attachments/20030904/ca9dd08b/attachment.bin
I config admin dn: like that,It work,and I can use ldap with samba for store account for users computers groups but id map is still locate on /var/cache/samba/winbindd_idmap.tdb my ldap is on passdb backend = ldapsam, guest and log file of winbind is [2003/09/03 09:27:37, 0] lib/module.c:smb_load_module(40) Error loading module '/usr/lib/samba/idmap/ldapsam.so': /usr/lib/samba/idmap/ldapsam.so: cannot open shared object file: No such file or directory [2003/09/03 09:27:37, 0] sam/idmap.c:idmap_init(136) idmap_init: could not load remote backend 'ldapsam' thank you bye, --Nus _________________________________________________________________ MSN 8 helps eliminate e-mail viruses. Get 2 months FREE*. http://join.msn.com/?page=features/virus
>>hi,>> On Fri, Sep 05, 2003 at 08:49:01AM +0000, Mimic Mimicmike wrote: >> I config admin dn: like that,It work,and I can use ldap with samba for >>store account for users computers groups but id map is still locate >>on /var/cache/samba/winbindd_idmap.tdb>>my ldap is on >>passdb backend = ldapsam, guest> it strange to use security=domain (or ads) and configuring your own >passdb-backend. anyway, shouldn't that look like:> passdb backend = ldapsam:ldap://myldaphost, guestI use security=user ,but I need to trust with other domain. Before and I will move they to samba PDC, My Servers are NT4PDC and win2kPDC Active domain (Native mode) and samba file servers , I will move by small group of client to new samba domain, but file server is still in old domain until last client move to new domain ,if no ploblem, servers will move to samba domain and NT4PDC&W2kPDC will system down forever.>> passdb backend = ldapsam, guest>>and log file of winbind is>>[2003/09/03 09:27:37, 0] lib/module.c:smb_load_module(40) >>Error loading module '/usr/lib/samba/idmap/ldapsam.so': >>/usr/lib/samba/idmap/ldapsam.so: cannot >>open shared object file: No such >>file or directory >>[2003/09/03 09:27:37, 0] sam/idmap.c:idmap_init(136) >>idmap_init: could not load remote backend 'ldapsam'> are you sure you have> idmap backend = ldap:ldap://yourldaphost> and not> idmap backend = ldapsam..> in smb.conf.> this should fix it, i hope.My id map backend is passdb backend = ldapsam://172.xx.x.xxx, guest idmap backend = ldap:ldap//172.xx.x.xxx:xxx ldap idmap suffix = ou=idmap,dc=xxx,dc=xxx I use 'getent passwd' I can see another domain, but it still not store idmap on ldap. thank you --Nus _________________________________________________________________ Help STOP SPAM with the new MSN 8 and get 2 months FREE* http://join.msn.com/?page=features/junkmail