Hi... I'm running samba and ldap (openldap). Using smbpasswd -a username adds the samba ldap info into the users ldap entry just fine. The problem is deletion. Running smbpasswd -x username deletes the ENTIRE user's ldap entry. This is good if I want to delete the unix and windows account information, but not if I want to just delete the windows info. I assume it is because the ldap dn I connect with from samba has write access to the ldap branch and just deletes the entire entry. Can I make it just delete the samba related fields in the record, or do the samba accounts need to be in a seperate branch? Thanks.... -- <>< ><> <>< ><> <>< ><> <>< ><> <>< ><> <>< Ken Kleiner System Manager Computer Science Department Umass Lowell voice : 978 934 3645 fax : 978 934 3551 cell : 603 930 5582 (emergencies only, please) ken@cs.uml.edu
Well, I think I have my answer. Instead of embedding the samba ldap entries into the same record that the posix/unix stuff is in, I created another ou for sambausers and point samba to that. Deleting the user now just deletes samba entry. Phew.> > Hi... > > I'm running samba and ldap (openldap). Using smbpasswd -a username > adds the samba ldap info into the users ldap entry just fine. > > The problem is deletion. Running smbpasswd -x username deletes the > ENTIRE user's ldap entry. This is good if I want to delete the unix and > windows account information, but not if I want to just delete the windows > info. > > I assume it is because the ldap dn I connect with from samba has write > access to the ldap branch and just deletes the entire entry. Can I make > it just delete the samba related fields in the record, or do the samba > accounts need to be in a seperate branch? > > Thanks.... > > -- > <>< ><> <>< ><> <>< ><> <>< ><> <>< ><> <>< > > Ken Kleiner > System Manager > Computer Science Department > Umass Lowell > > voice : 978 934 3645 > fax : 978 934 3551 > > cell : 603 930 5582 (emergencies only, please) > > ken@cs.uml.edu > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba > > > E3-I: This message has been scanned for viruses and dangerous content by UML's antivirus scanning services. > > > >-- <>< ><> <>< ><> <>< ><> <>< ><> <>< ><> <>< Ken Kleiner System Manager Computer Science Department Umass Lowell voice : 978 934 3645 fax : 978 934 3551 cell : 603 930 5582 (emergencies only, please) ken@cs.uml.edu
On Wed, 2003-06-11 at 04:41, Ken Kleiner wrote:> Hi... > > I'm running samba and ldap (openldap). Using smbpasswd -a username > adds the samba ldap info into the users ldap entry just fine. > > The problem is deletion. Running smbpasswd -x username deletes the > ENTIRE user's ldap entry. This is good if I want to delete the unix and > windows account information, but not if I want to just delete the windows > info.Samba 3.0 has the new option 'ldap delete dn', for exactly this reason. -- Andrew Bartlett abartlet@pcug.org.au Manager, Authentication Subsystems, Samba Team abartlet@samba.org Student Network Administrator, Hawker College abartlet@hawkerc.net http://samba.org http://build.samba.org http://hawkerc.net -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part Url : http://lists.samba.org/archive/samba/attachments/20030611/6a2656fb/attachment.bin