Greetings ... I have a quick question, which I hope will get a straight and quick answer. I am moving my system from flat files to LDAP. I have had my users in LDAP for a while, but then found that my computer accounts for Win2K in still in passwd. My question is, what are the bare minume LDAP attribs that I need for them to contiune to work? But I don't think I am going to get that answered, so, do I need a Unix password for computers? I would just like to keep as little info my LDAP as possible .. I still believe the smallest amount of common info is best. Thanks. Mailed Lee
> Message: 18 > Date: Wed, 15 Jan 2003 15:58:41 +0200 > From: "C.Lee Taylor" <leet@leenx.co.za> > Organization: LeeNX > To: samba@lists.samba.org > Subject: [Samba] SMB+LDAP Question ... > > Greetings ... > > I have a quick question, which I hope will get a straight and quick answer. > > I am moving my system from flat files to LDAP. I have had my users in > LDAP for a while, but then found that my computer accounts for Win2K in > still in passwd. My question is, what are the bare minume LDAP attribs > that I need for them to contiune to work?AFAIK, just sambaAccount and related items.> > But I don't think I am going to get that answered, so, do I need a Unix > password for computers? >No.> I would just like to keep as little info my LDAP as possible .. I still > believe the smallest amount of common info is best.In the end, in 2.2.x and non-NUA sam backends in 3.0alpha, you need the following to work on any DC: $ getent passwd <machine>$ So, on your DCs, you either need a unix account for the machine in /etc/passwd, or an LDAP account with posixAccount and sambaAccount BTW, see examples/LDAP/import_smbpasswd.pl in the samba docs if you hanen't yet. Should work for importing machine accounts. Buchan -- |--------------Another happy Mandrake Club member--------------| Buchan Milne Mechanical Engineer, Network Manager Cellphone * Work +27 82 472 2231 * +27 21 8828820x121 Stellenbosch Automotive Engineering http://www.cae.co.za GPG Key http://ranger.dnsalias.com/bgmilne.asc 1024D/60D204A7 2919 E232 5610 A038 87B1 72D6 AC92 BA50 60D2 04A7
I'd like to trow myself into the same disussion... I'm also trying to get Samba 2.2.7 working from LDAP. So far I can see the users/groups in LDAP, but there is not way I am able to get W2K Pro machines to join the domain. Every time it comes up with a "...The account used is a computer account...." when trying to join the domain. The machine account is actually created in the LDAP tree, but for some reason the process does not finish. I'm at a loss as to why this is. I'm using "add user script /usr/local/bin/smbldap-useradd.pl -w %u" I've looked around on the samba mailinglists etc, but I've so far been unable to find a solution to this problem... Regards, Thomas "C.Lee Taylor" <leet@leenx.co.za> wrote in message news:3E256911.8060306@leenx.co.za...> Greetings ... > > I have a quick question, which I hope will get a straight and quickanswer.> > I am moving my system from flat files to LDAP. I have had my users in > LDAP for a while, but then found that my computer accounts for Win2K in > still in passwd. My question is, what are the bare minume LDAP attribs > that I need for them to contiune to work? >
it sound like to me you need in your smb.conf file
ldap machine suffix = "ou=computers,dc=blah blah"
ou is what ever you called your unit for storing computers. it may be users.
cheers
-------------
Kristyan Osborne IT Technician
Longhill High School
01273 391672
------
Computers are like airconditioners: They stop working properly if you open
windows.
Win95: A 32-bit patch for a 16-bit GUI shell running on top of an
8-bit operating system written for a 4-bit processor by a
2-bit company who cannot stand 1 bit of competition.
-----Original Message-----
From: Thomas Nilsen [mailto:thomas.nilsen@doc-s.co.uk]
Sent: 15 January 2003 21:13
To: samba@lists.samba.org
Subject: [Samba] Re: SMB+LDAP Question ...
I'd like to trow myself into the same disussion...
I'm also trying to get Samba 2.2.7 working from LDAP. So far I can see the
users/groups in LDAP, but there is not way I am able to get W2K Pro machines
to join the domain. Every time it comes up with a "...The account used is a
computer account...." when trying to join the domain. The machine account
is
actually created in the LDAP tree, but for some reason the process does not
finish. I'm at a loss as to why this is. I'm using "add user script
/usr/local/bin/smbldap-useradd.pl -w %u"
I've looked around on the samba mailinglists etc, but I've so far been
unable to find a solution to this problem...
Regards,
Thomas
"C.Lee Taylor" <leet@leenx.co.za> wrote in message
news:3E256911.8060306@leenx.co.za...> Greetings ...
>
> I have a quick question, which I hope will get a straight and quick
answer.>
> I am moving my system from flat files to LDAP. I have had my users in
> LDAP for a while, but then found that my computer accounts for Win2K in
> still in passwd. My question is, what are the bare minume LDAP attribs
> that I need for them to contiune to work?
>
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba