George Farris wrote:>
> I have followed the samba ldap pdc howto and am able to login and have
> ldap authenticate shell accounts via the console and ssh. However, when
> I try to login via smbclient or a Windows 98 machine it won't
> authenticate. The ldap search actually ends up looking for a UID with
> the domain included. Log file shows thus:
>
> daemon: conn=0 fd=9 connection from IP=127.0.0.1:1214 (IP=0.0.0.0:34049)
> accepted.
> conn=0 op=0 BIND dn="" method=128
> ber_flush: 14 bytes to sd 9
> deferring operation
> conn=0 op=0 RESULT tag=97 err=0 text> conn=0 op=1 SRCH
base="dc=cc,dc=mala,dc=bc,dc=ca" scope=2
> filter="(&(objectClass=posixAccount)(uid=APOLLO\5CGEORGE))"
> ber_flush: 14 bytes to sd 9
> conn=0 op=1 SEARCH RESULT tag=101 err=0 text>
> Shouldn't the objectClass be sambaAccount not posixAccount?
> Shouldn't the uid = george and not apollo\5cgeorge?
This is the search that samba makes via nss_ldap (hence the
posixAccount) when attempting to find usernames in the form
domain\username. If this doesn't exist, then it tries 'username'.
This
isn't the cause of your problems.
Andrew Bartlett
--
Andrew Bartlett abartlet@pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet@samba.org
Student Network Administrator, Hawker College abartlet@hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net