K. Richard Pixley
2004-Apr-16 01:15 UTC
[Samba] How do I add accounts when using ldap authentication?
I'm confused about how ldap authentication is expected to work. Right now I'm seeing linux authentication work, apparently, but no samba users.

    [root@violet samba]# pdbedit -Lv
    [root@violet samba]# smbpasswd -a rpixley
    New SMB password:
    Retype new SMB password:
    ldapsam_search_one_group: Problem during the LDAP search: LDAP error: (No such object)
    ldapsam_modify_entry: Failed to add user dn= uid=rpixley,ou=People,dc=isw1,dc=symbol,dc=com with: Already exists
    ldapsam_add_sam_account: failed to modify/add user with uid = rpixley (dn = uid=rpixley,ou=People,dc=isw1,dc=symbol,dc=com)
    Failed to add entry for user rpixley.
    Failed to modify password entry for user rpixley

Relevant smb.conf lines are:

    # ldap
    ldap admin dn = "cn=root,dc=isw1,dc=symbol,dc=com"
    ldap ssl = off
    passdb backend = ldapsam:ldap://ldap.isw1.symbol.com
    ldap user suffix = ou=People,dc=isw1,dc=symbol,dc=com
    ldap group suffix = ou=Groups,dc=isw1,dc=symbol,dc=com
    ldap machine suffix = ou=Computers,dc=isw1,dc=symbol,dc=com
    ldap suffix = dc=isw1,dc=symbol,dc=com
    ldap filter = (&(uid=%u)(objectclass=sambaSamAccount))
    ldap passwd sync = yes

Anyone see an obvious flaw in what I'm doing? Or can anyone point me toward clarifying doc? (most of this comes from the howto).

Redhat Enterprise Linux, stock, up-to-date, apparently running samba-3.0.2, openldap 2.0.27.

--rich
Jérôme Tournier
2004-Apr-16 09:52 UTC
[Samba] How do I add accounts when using ldap authentication?
On Thu, Apr 15, 2004 at 06:14:41PM -0700, K. Richard Pixley wrote:
> ldap user suffix = ou=People,dc=isw1,dc=symbol,dc=com
> ldap group suffix = ou=Groups,dc=isw1,dc=symbol,dc=com
> ldap machine suffix = ou=Computers,dc=isw1,dc=symbol,dc=com
> ldap suffix = dc=isw1,dc=symbol,dc=com
> ldap filter = (&(uid=%u)(objectclass=sambaSamAccount))
> ldap passwd sync = yes
> Anyone see an obvious flaw in what I'm doing? Or can anyone point me
> toward clarifying doc? (most of this comes from the howto).

"ldap user suffix", "ldap group suffix" and "ldap machine suffix" must not have the suffix extension. And I think it is recommended to comment out the "ldap filter" directive. You must then have:

    ldap suffix = dc=isw1,dc=symbol,dc=com
    ldap user suffix = ou=People
    ldap group suffix = ou=Groups
    ldap machine suffix = ou=Computers
    # ldap filter = (&(uid=%u)(objectclass=sambaSamAccount))

--
Jérôme
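
A small checker for the mistake discussed in this thread, added here as an example and not posted by either participant or taken from Samba. It assumes Samba 3's ldapsam builds each search base by prepending the user, group or machine suffix to "ldap suffix"; the function names are hypothetical.

```python
# Added example: flag smb.conf LDAP sub-suffixes that repeat "ldap suffix".
# Assumption: the search base is "<sub suffix>,<ldap suffix>" (Samba 3 ldapsam).
SUB_KEYS = ("ldap user suffix", "ldap group suffix", "ldap machine suffix")

# Settings as posted in the question (sample input embedded for offline use).
QUESTION_CONF = """\
ldap suffix = dc=isw1,dc=symbol,dc=com
ldap user suffix = ou=People,dc=isw1,dc=symbol,dc=com
ldap group suffix = ou=Groups,dc=isw1,dc=symbol,dc=com
ldap machine suffix = ou=Computers,dc=isw1,dc=symbol,dc=com
"""
# Settings as given in the reply.
REPLY_CONF = """\
ldap suffix = dc=isw1,dc=symbol,dc=com
ldap user suffix = ou=People
ldap group suffix = ou=Groups
ldap machine suffix = ou=Computers
"""

def parse_params(text):
    """Return {parameter: value} for uncommented 'name = value' lines."""
    params = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line[0] in "#;[" or "=" not in line:
            continue
        name, value = line.split("=", 1)
        # Normalise case and spacing of the parameter name before storing it.
        params[" ".join(name.lower().split())] = value.strip().strip('"')
    return params

def norm_dn(dn):
    """Lower-case a DN and drop spaces around ',' (escaped commas not handled)."""
    return ",".join(part.strip() for part in dn.lower().split(","))

def check_suffixes(text):
    """Return {key: (effective_search_base, base_repeated)} per sub-suffix."""
    params = parse_params(text)
    base = norm_dn(params.get("ldap suffix", ""))
    report = {}
    for key in SUB_KEYS:
        if key in params:
            sub = norm_dn(params[key])
            repeated = bool(base) and (sub == base or sub.endswith("," + base))
            report[key] = (sub + "," + base if base else sub, repeated)
    return report

if __name__ == "__main__":
    for name, conf in (("question", QUESTION_CONF), ("reply", REPLY_CONF)):
        for key, (effective, repeated) in check_suffixes(conf).items():
            print(name, key, "->", effective, "REPEATED" if repeated else "ok")
```

With the question's settings every effective base ends in the base DN twice, which matches the "No such object" error on the group search; with the reply's settings none do.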