Gar Nelson
2007-Nov-20 18:53 UTC
[Samba] Configuring samba users with existing ldap (pdbedit -Lv <uid>)
I'm currently going through chapter 5 of Samba-3 by Example, "Making
Users Happy"
Step 16 is where I get a hiccup. When I execute the command "pdbedit
-Lv" which according to the man page should list out all my users, I get
nothing back. All the previous steps have worked using one of my
existing LDAP account uids.
There seem to be extra things I need to have in my LDAP directory tree,
but I'm unsure how to get them there. The Samba installation is new, so
I can afford to mess things up there, but not in the existing LDAP
structure. I've googled 'adding ldap accounts to samba' and I've
done a
search here on the list for anything related to LDAP. So far, nothing
I've been reading seems to apply. If I had no LDAP accounts there are
some migration commands that look appropriate, but none of them seem to
address the situation of having an already established LDAP directory.
OS is RHEL4
Samba is 3.0.26a-35
openldap is 2.2.13-7.4E
A current entry for a person looks like this:
dn: uid=rsync,ou=People,dc=ggw,dc=nws,dc=noaa
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: shadowAccount
uid: rsync
cn: Rsync
sn: User
displayName: Rsync User
mail: rsync@localhost
initials: rsu
telephoneNumber: 406-228-2850
mobile: 406-228-2850
postalAddress: 101 Airport Road
carLicense: xxxxxx
userPassword: {crypt}!!
shadowLastChange: 13798
shadowMax: 99999
shadowWarning: 7
loginShell: /bin/bash
uidNumber: 586
gidNumber: 586
homeDirectory: /home/rsync
gecos: Rsync User
Adam Williams
2007-Dec-07 21:49 UTC
[Samba] Configuring samba users with existing ldap (pdbedit -Lv <uid>)
Gar Nelson wrote:> I'm currently going through chapter 5 of Samba-3 by Example, "Making > Users Happy" > > Step 16 is where I get a hiccup. When I execute the command "pdbedit > -Lv" which according to the man page should list out all my users, I > get nothing back. All the previous steps have worked using one of my > existing LDAP account uids. > > There seem to be extra things I need to have in my LDAP directory > tree, but I'm unsure how to get them there. The Samba installation is > new, so I can afford to mess things up there, but not in the existing > LDAP structure. I've googled 'adding ldap accounts to samba' and I've > done a search here on the list for anything related to LDAP. So far, > nothing I've been reading seems to apply. If I had no LDAP accounts > there are some migration commands that look appropriate, but none of > them seem to address the situation of having an already established > LDAP directory. > >did you tell samba to connect to ldap? you'll need to run smbpasswd -w ldappasswdhere and have in your smb.conf something like this: passdb backend = ldapsam:ldap://gomer.mdah.state.ms.us ldap suffix = dc=gomer,dc=mdah,dc=state,dc=ms,dc=us ldap machine suffix = ou=People ldap user suffix = ou=People ldap group suffix = ou=Group ldap idmap suffix = ou=Idmap ldap admin dn = cn=Manager,dc=gomer,dc=mdah,dc=state,dc=ms,dc=us idmap backend = ldap:ldap://gomer.mdah.state.ms.us idmap uid = 10000-20000 idmap gid = 10000-20000