Hi, I am testing Samba-3.0.0.beta1, which we will use to migrate our Win2000 domain ( at last ;) ) * things done: - Configured LDAP + permissions - Configured Samba. pdbedit -a already creates users in LDAP ( objectclass: account; objectclass: sambaSamAccount ) * observed problems: ( might be due to some error on my part, please explain in that case ) idmap backend = ldap:ldap://localhost makes pdbedit segfault ( with every option, especially -L ). Level 4 debugging shows it is stopping right after parsing smb.conf ( currently "working" with idmap backend = ) idmap backend = winbind does not work pdbedit -i tdbsam -e ldapsam -g does not export builtin groups to LDAP. Shall I create them by hand? Which objectclass shall I use? pdbedit -L -g does not list *any* group pdbedit -L -g -b tdbsam does list builtin groups. wbinfo -u times out, unable to return anything ( We did not supply -Ausername%password.... is that needed? in that case which user? privileges? ) We are attempting to use NUA. Can switch to POSIX users/groups in LDAP if necessary. Please, ask for any additional information needed. I will be glad to provide it and help test/debug this thing. Thanks in advance. Regards, J.L. ------- Configuration: ---- System: DELL 2600: 2 x Xeon2.4GHz, 1GB ECC DDR RAM, SCSI disks OS: Debian GNU/Linux 3.0 "Woody" + packages from "Sid"; Kernel: Linux-2.4.21-xfs Samba from Debian's package: samba-3.0.0.beta1-1, from official repository ----8<---- smb.conf snippet ----- passdb backend = ldapsam:ldap://localhost, guest algorithmic rid base = 1000 ldap suffix = dc=recuerdo,dc=net ldap admin dn = uid=samba,ou=daemons,dc=recuerdo,dc=net ldap delete dn = no ldap user suffix = ou=people ldap group suffix = ou=groups ldap idmap suffix = ou=idmap,ou=samba ldap machine suffix = ou=machines ldap filter = "(uid=%u)" idmap only = no #idmap backend idmap uid = 10000-40000 idmap gid = 10000-40000