Vladimir Skubriev
2019-Feb-05 08:31 UTC
[Samba] Samba 4.7 and Editposix/Trusted Ldapsam extension support.
Something like this. But this link has no info that I need. On the roadmap: https://wiki.samba.org/index.php/Roadmap There is information <https://wiki.samba.org/index.php/Samba4/LDAP_Backend#.28De.29motivation> about general purpose LDAP server as the backend (e.g. openLDAP). But that's not what i was looking for. I looking for status of `passdb backend = ldapsam` feature. This feature implemented in `3.6.25`. But when I try to configure this in 4.7, there is a some caveats prompting that my system will not work. For example: root at server-storage:/# net idmap set secret ACME PasswordClearText ldap_url_parse_ext(ldap://localhost/) ldap_init: trying /etc/ldap/ldap.conf ldap_init: using /etc/ldap/ldap.conf ldap_url_parse_ext(ldaps://ldap.acme.com) ldap_init: HOME env is /root ldap_init: trying /root/ldaprc ldap_init: trying /root/.ldaprc ldap_init: trying ldaprc ldap_init: LDAPCONF env is NULL ldap_init: LDAPRC env is NULL The only currently supported backend are LDAP and rfc2307 Message `The only currently supported backend are LDAP and rfc2307` hints that it is not supported. вт, 5 февр. 2019 г. в 11:14, L.P.H. van Belle via samba < samba at lists.samba.org>:> You mean this : > https://wiki.samba.org/index.php/Samba_Release_Planning > > > > -----Oorspronkelijk bericht----- > > Van: samba [mailto:samba-bounces at lists.samba.org] Namens > > Vladimir Skubriev via samba > > Verzonden: dinsdag 5 februari 2019 9:07 > > Aan: samba at lists.samba.org > > Onderwerp: [Samba] Samba 4.7 and Editposix/Trusted Ldapsam > > extension support. > > > > Is there a page with support status of this feature in current samba > > releases ? > > > > What is the current status and future? > > > > -- > > Best Regards, > > > > Vladimir Skubriev > > System Administrator > > CVisionLab > > > > +7.918.504.38.20 > > skubriev at cvisionlab.com > > http://cvisionlab.com > > -- > > To unsubscribe from this list go to the following URL and read the > > instructions: https://lists.samba.org/mailman/options/samba > > > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba-- Best Regards, Vladimir Skubriev System Administrator CVisionLab +7.918.504.38.20 skubriev at cvisionlab.com http://cvisionlab.com
Rowland Penny
2019-Feb-05 08:42 UTC
[Samba] Samba 4.7 and Editposix/Trusted Ldapsam extension support.
On Tue, 5 Feb 2019 11:31:53 +0300 Vladimir Skubriev via samba <samba at lists.samba.org> wrote:> Something like this. > > But this link has no info that I need. > > On the roadmap: https://wiki.samba.org/index.php/Roadmap > > There is information > <https://wiki.samba.org/index.php/Samba4/LDAP_Backend#.28De.29motivation> > about general purpose LDAP server as the backend (e.g. openLDAP).That page is about using openldap with a Samba AD DC instead of the builtin ldap.> > But that's not what i was looking for. > > I looking for status of `passdb backend = ldapsam` feature. This > feature implemented in `3.6.25`. > > But when I try to configure this in 4.7, there is a some caveats > prompting that my system will not work.It worked last time I tried it.> > For example: > > root at server-storage:/# net idmap set secret ACME PasswordClearText > ldap_url_parse_ext(ldap://localhost/) > ldap_init: trying /etc/ldap/ldap.conf > ldap_init: using /etc/ldap/ldap.conf > ldap_url_parse_ext(ldaps://ldap.acme.com) > ldap_init: HOME env is /root > ldap_init: trying /root/ldaprc > ldap_init: trying /root/.ldaprc > ldap_init: trying ldaprc > ldap_init: LDAPCONF env is NULL > ldap_init: LDAPRC env is NULL > The only currently supported backend are LDAP and rfc2307 > > Message `The only currently supported backend are LDAP and rfc2307` > hints that it is not supported. >As far as I am aware, ldapsam editposix is LDAP. Perhaps you haven't set Samba up correctly ? Rowland
Rowland Penny
2019-Feb-05 09:10 UTC
[Samba] Samba 4.7 and Editposix/Trusted Ldapsam extension support.
On Tue, 5 Feb 2019 11:56:05 +0300 Vladimir Skubriev <skubriev at cvisionlab.com> wrote:> вт, 5 февр. 2019 г. в 11:42, Rowland Penny via samba > <samba at lists.samba.org > >: > > > On Tue, 5 Feb 2019 11:31:53 +0300 > > Vladimir Skubriev via samba <samba at lists.samba.org> wrote: > > > > > Something like this. > > > > > > But this link has no info that I need. > > > > > > On the roadmap: https://wiki.samba.org/index.php/Roadmap > > > > > > There is information > > > <https://wiki.samba.org/index.php/Samba4/LDAP_Backend#.28De.29motivation > > > > > > about general purpose LDAP server as the backend (e.g. openLDAP). > > > > That page is about using openldap with a Samba AD DC instead of the > > builtin ldap. > > > > > Yes. There is another way. And I do not want to setup samba this way.You really should consider a Samba AD domain, easier to set up and maintain, more importantly, they have a future.> > > > > > > > But that's not what i was looking for. > > > > > > I looking for status of `passdb backend = ldapsam` feature. This > > > feature implemented in `3.6.25`. > > > > > > But when I try to configure this in 4.7, there is a some caveats > > > prompting that my system will not work. > > > > It worked last time I tried it. > > > > > It is a good news. Thank you.Just checked, it is in a VM, so started it and it is still working, using Samba 4.7.6 Rowland
Harry Jede
2019-Feb-05 14:26 UTC
[Samba] Samba 4.7 and Editposix/Trusted Ldapsam extension support.
Am 05.02.19 um 09:31 schrieb Vladimir Skubriev via samba:> But that's not what i was looking for. > > I looking for status of `passdb backend = ldapsam` feature. This feature > implemented in `3.6.25`. > > But when I try to configure this in 4.7, there is a some caveats prompting > that my system will not work. > > For example: > > root at server-storage:/# net idmap set secret ACME PasswordClearText > ldap_url_parse_ext(ldap://localhost/) > ldap_init: trying /etc/ldap/ldap.conf > ldap_init: using /etc/ldap/ldap.conf > ldap_url_parse_ext(ldaps://ldap.acme.com)I assume you don't follow the rules for libldap usage!!! in /etc/ldap/ldap.conf you have a ldaps server configured> ldap_init: HOME env is /root > ldap_init: trying /root/ldaprclibldap searches for your certificates, not found> ldap_init: trying/root/.ldaprcsame here> ldap_init: trying ldaprcsame here> ldap_init: LDAPCONF env is NULLsame here> ldap_init: LDAPRC env is NULLsame here> The only currently supported backend are LDAP and rfc2307 > > Message `The only currently supported backend are LDAP and rfc2307` hints > that it is not supported.the net command bails out, that it can not contact any ldap(s) server!!! Read man ldap.conf or search for: site:http://www.openldap.org/doc/ ldaprc -- Harry Jede
Maybe Matching Threads
- Samba 4.7 and Editposix/Trusted Ldapsam extension support.
- Samba 4.7 and Editposix/Trusted Ldapsam extension support.
- Migration from 3.6.25-0ubuntu0.12.04.10 to 4.x with passdb backend = ldapsam
- Migration from 3.6.25-0ubuntu0.12.04.10 to 4.x with passdb backend = ldapsam
- Migration from 3.6.25-0ubuntu0.12.04.10 to 4.x with passdb backend = ldapsam