Hello,

I currently have a samba server set up as my network PDC (using LDAP as passdb), and I'm trying to set up another linux file server on the network.

This file server should allow users to log in based on their passwords on the PDC, however it doesn't need (nor would be appropriate) to be a BDC.

How can I set it up to read the remote LDAP? I have already installed libnss-ldap, configured nsswitch and installed winbind, but I couldn't get it to work.

Here is my smb.conf from the file server:

[global]
    workgroup = PRODESAN.COM.BR
    server string = %h server (Samba %v)
    obey pam restrictions = Yes
    passdb backend = tdbsam, guest
    passwd program = /usr/bin/passwd %u
    passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n .
    log level = 3
    syslog = 0
    log file = /var/log/samba/log.%m
    max log size = 1000
    domain logons = Yes
    domain master = No
    dns proxy = No
    ldap admin dn = cn=admin,dc=prodesan,dc=com,dc=br
    ldap delete dn = Yes
    ldap group suffix = ou=grupos
    ldap idmap suffix = ou=Idmap
    ldap machine suffix = ou=computadores
    ldap passwd sync = Yes
    ldap suffix = dc=prodesan,dc=com,dc=br
    ldap user suffix = ou=pessoas
    panic action = /usr/share/samba/panic-action %d
    idmap backend = ldap:ldap://127.0.0.1
    idmap uid = 10000-20000
    idmap gid = 10000-20000
    winbind separator = \
    winbind enum users = yes
    invalid users = root

--
Diego Alencar Alves de Lima
DINF - Prodesan (http://www.prodesan.com.br)
Prefeitura Municipal de Santos (http://www.santos.sp.gov.br)

--
This message was scanned by the antivirus system and is believed to be free of danger.

I know very little about ldap, but would not this be required?

passdb backend = ldapsam:ldap://<your-remote-hostname>

Dale

Diego Lima wrote:
> Hello,
>
> I currently have a samba server set up as my network PDC (using LDAP as
> passdb), and I'm trying to set up another linux file server on the network.
>
> This file server should allow users to log in based on their passwords on
> the PDC, however it doesn't need (nor would be appropriate) to be a BDC.
>
> How can I set it up to read the remote LDAP? I have already installed
> libnss-ldap, configured nsswitch and installed winbind, but I couldn't get
> it to work.
>
> Here is my smb.conf from the file server:
>
> [global]
> workgroup = PRODESAN.COM.BR
> server string = %h server (Samba %v)
> obey pam restrictions = Yes
> ***passdb backend = tdbsam, guest
> passwd program = /usr/bin/passwd %u
> passwd chat = *Enter\snew\sUNIX\spassword:* %n\n
> *Retype\snew\sUNIX\spassword:* %n\n .
> log level = 3
> syslog = 0
> log file = /var/log/samba/log.%m
> max log size = 1000
> domain logons = Yes
> domain master = No
> dns proxy = No
> ldap admin dn = cn=admin,dc=prodesan,dc=com,dc=br
> ldap delete dn = Yes
> ldap group suffix = ou=grupos
> ldap idmap suffix = ou=Idmap
> ldap machine suffix = ou=computadores
> ldap passwd sync = Yes
> ldap suffix = dc=prodesan,dc=com,dc=br
> ldap user suffix = ou=pessoas
> panic action = /usr/share/samba/panic-action %d
> idmap backend = ldap:ldap://127.0.0.1
> idmap uid = 10000-20000
> idmap gid = 10000-20000
> winbind separator = \
> winbind enum users = yes
> invalid users = root
>
>
> --
> Diego Alencar Alves de Lima
> DINF - Prodesan (http://www.prodesan.com.br)
> Prefeitura Municipal de Santos (http://www.santos.sp.gov.br)

On 1/19/07, Diego Lima <diego-lima@prodesan.com.br> wrote:
> Hello,
>
> I currently have a samba server set up as my network PDC (using LDAP as
> passdb), and I'm trying to set up another linux file server on the network.
>
> This file server should allow users to log in based on their passwords on
> the PDC, however it doesn't need (nor would be appropriate) to be a BDC.

You should join the linux server to your domain, that's it. Check the docs on how to do that.

--
Greetings,
J.Asenjo
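
Added example, not part of the thread and not Samba's own code: a small Python check that reads a [global] section and reports settings that conflict with the role the original post describes, a file server that authenticates against the PDC without being a domain controller. It assumes Samba 3 semantics, where a member server sets "security = domain" (or "ads") and "domain logons = Yes" marks a domain controller; the finding names and the hostname pdc.example.invalid are made up for illustration.

```python
# Added example (not from the thread): role-consistency check for smb.conf.
import re

def parse_global(text):
    """Return {parameter: value} for [global]; names are lower-cased."""
    params, section = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        header = re.fullmatch(r"\[(.+)\]", line)
        if header:
            section = header.group(1).strip().lower()
        elif section == "global" and "=" in line:
            key, value = line.split("=", 1)
            params[" ".join(key.lower().split())] = value.strip()
    return params

def member_server_findings(params):
    """List settings that contradict a non-DC domain member role."""
    findings = []
    if params.get("domain logons", "no").lower() in ("yes", "true", "1"):
        findings.append("domain-logons-enabled")    # DC behaviour, not a member
    if params.get("security", "user").lower() not in ("domain", "ads"):
        findings.append("not-domain-security")      # logons checked locally
    if re.search(r"ldap://(127\.0\.0\.1|localhost)\b",
                 params.get("idmap backend", ""), re.I):
        findings.append("idmap-ldap-on-loopback")   # directory is on the PDC
    return findings

# Constructed input: a subset of the [global] section posted in the thread.
POSTED = """
[global]
    workgroup = PRODESAN.COM.BR
    passdb backend = tdbsam, guest
    domain logons = Yes
    domain master = No
    idmap backend = ldap:ldap://127.0.0.1
"""

# Constructed counterpart; pdc.example.invalid is a placeholder hostname.
MEMBER = """
[global]
    workgroup = PRODESAN.COM.BR
    security = domain
    domain logons = No
    idmap backend = ldap:ldap://pdc.example.invalid
"""

if __name__ == "__main__":
    for name, conf in (("posted", POSTED), ("member", MEMBER)):
        print(name, member_server_findings(parse_global(conf)))
```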