Hi, I am testing Samba-3.0.0.beta1, which we will use to migrate our
Win2000 domain ( at last ;) )
* things done:
- Configured LDAP + permissions
- Configured Samba.
pdbedit -a already creates users in LDAP ( objectclass: account;
objectclass: sambaSamAccount )
* observed problems:
( might be due to some error on my part, please explain in that case )
idmap backend = ldap:ldap://localhost makes pdbedit segfault ( with every
option, especially -L ). Level 4 debugging shows it is stopping right after
parsing smb.conf
( currently "working" with idmap backend = )
idmap backend = winbind does not work
pdbedit -i tdbsam -e ldapsam -g does not export builtin groups to LDAP.
Shall I create them by hand? Which objectclass shall I use?
pdbedit -L -g does not list *any* group
pdbedit -L -g -b tdbsam does list builtin groups.
wbinfo -u times out, unable to return anything
( We did not supply -Ausername%password.... is that needed? in that case
which user? privileges? )
We are attempting to use NUA. Can switch to POSIX users/groups in LDAP if
necessary.
Please, ask for any additional information needed. I will be glad to
provide it and help test/debug this thing.
Thanks in advance.
Regards,
J.L.
------- Configuration: ----
System: DELL 2600: 2 x Xeon2.4GHz, 1GB ECC DDR RAM, SCSI disks
OS: Debian GNU/Linux 3.0 "Woody" + packages from "Sid";
Kernel:
Linux-2.4.21-xfs
Samba from Debian's package: samba-3.0.0.beta1-1, from official repository
----8<---- smb.conf snippet -----
passdb backend = ldapsam:ldap://localhost, guest
algorithmic rid base = 1000
ldap suffix = dc=recuerdo,dc=net
ldap admin dn = uid=samba,ou=daemons,dc=recuerdo,dc=net
ldap delete dn = no
ldap user suffix = ou=people
ldap group suffix = ou=groups
ldap idmap suffix = ou=idmap,ou=samba
ldap machine suffix = ou=machines
ldap filter = "(uid=%u)"
idmap only = no
#idmap backend idmap uid = 10000-40000
idmap gid = 10000-40000
