I'm trying to resolve an issue with Samba and LDAP. I'm using a program
called Spider that provides network based rendering using domain logons to
controll who can access the renders on the farm. It requires a group called
SpiderAdmin to be setup (which I've done) and have added the users into the
group. However, the only way that the SpiderAdmin users can access the
renders on the network is if I also make them "admin users" in the
smb.conf
file. If they are not a member of "admin users", when I check the log
file
I get:
ldapsam_search_one_group: Problem during the LDAP search: LDAP error:
(Insufficient access)smbldap_open: cannot access LDAP when not root..
I've looked at the samba bug list and there was a reference to this problem.
Has it been fixed? I know that the group works because the user cannot
access SpiderAdmin if they are not in the group but are an admin users.
However, this forces me to give root access to users that I do not wish to.
It opens up a major hole in the network.
It seems as if Samba cannot access LDAP unless the user has root access. Is
there a way around this?
Cheers,
Jason