search for: nss_base_group

...d above. I have tried adding a nss_base directives in /etc/ldap.conf but it has had no effect. my /etc/ldap.conf: binddn uid=SysAuth,ou=Service Accounts,dc=mycompany bindpw secret pam_password clear base dc=betfair nss_base_passwd ou=people,dc=mycompany?sub nss_base_group ou=Groups,dc=mycompany?sub nss_base_group ou=PrivateGroups,dc=mycompany?sub nss_base_group ou=SystemGroups,dc=mycompany?sub sizelimit 1000 idle_timelimit 5 timelimit 10 bind_timelimit 5 nss_rec...

Found it. It turns out that the config file for libnss-ldap is /etc/libnss-ldap.conf on my distro (Debian). So NSS was ignoring the config that I had been in /etc/ldap/ldap.conf and taking it from /etc/libnss-ldap.conf. The former had this "nss_base_group ou=Groups,dc=example,dc=co,dc=uk?sub" and the latter this nss_base_group ou=group,dc=example,dc=co,dc=uk?one. Once I edited group to Groups, it started working. Package: libnss-ldap Priority: extra Section: net Installed-Size: 304 Maintainer: Richard A Nelson (Rick) <...> Architecture:...

...se dc=abmas,dc=biz base dc=sysgenmedia,dc=com ldap_version 3 binddn cn=manager,dc=sysgenmedia,dc=com bindpw MyPassWord timelimit 50 bind_timelimit 50 bind_policy hard idle_timelimit 3600 pam_password exop #nss_base_passwd ou=People,dc=abmas,dc=biz?one #nss_base_shadow ou=People,dc=abmas,dc=biz?one #nss_base_group ou=Groups,dc=abmas,dc=biz?one nss_base_passwd ou=People,dc=sysgenmedia,dc=com?one nss_base_shadow ou=People,dc=sysgenmedia,dc=com?one nss_base_group ou=Groups,dc=sysgenmedia,dc=com?one ssl off ## end file: /etc/nsswitch.conf -- Noah Dain "I don't want to make toys, I want to be a den...

...Camargo Tolosa wrote: > >http://samba.idealx.org/smbldap-howto.fr.html as you > >recommended. I have one big question, which one do I > >put in '/etc/ldap.conf' > > > >nss_base_passwd dc=wbcoll,dc=edu?one > >nss_base_shadow dc=wbcoll,dc=edu?one > >nss_base_group ou=Groups,dc=wbcoll,dc=edu?one > > > >or > > > >nss_base_passwd ou=Users,dc=wbcoll,dc=edu?one > >nss_base_shadow ou=Users,dc=wbcoll,dc=edu?one > >nss_base_group ou=Groups,dc=wbcoll,dc=edu?one > > > > > Neither, use this: &g...

...security/pam_unix.so session optional /lib/security/pam_ldap.so My /etc/ldap.conf is setup as (world readable): base dc=pds-support,dc=net rootbinddn cn=nssldap,ou=DSA,dc=pds-support,dc=net nss_base_passwd dc=pds-support,dc=net?sub nss_base_shadow dc=pds-support,dc=net?sub nss_base_group ou=Groups,dc=pds-support,dc=net?one ssl no pam_password md5 and my /etc/nsswitch.conf (world readable) passwd: files ldap shadow: files ldap group: files ldap I have /etc/ldap.secret set to world readable atm moment with the password (I plan on changing this once I have it...

...elf. The release notes for 3.0.11 seem to say adding machines under ou=Computers should work. The IDEALX Samba-OpenLDAP Howto (Revision 1.9) seems to indicate it should work. But ldap.conf needs to be set to: nss_base_passwd dc=somewhere,dc=net?sub nss_base_shadow dc=somewhere,dc=net?sub nss_base_group ou=Group,dc=somewhere,dc=net?one (I did this.) The IDEALX Smbldap-tools User Manual (Release:0.8.7) In section 6.9 on page 18 says no, _unless_ you apply the fix as listed above. Note that the IDEALX howtos were released after Samba 3.0.11. I'm using SUSE Pro 9.2 with all patches up to...

Hi, I have running LDAP + SAMBA as PDC on gentoo and I have problem with adding machine account. Whem I try add machine account with pdbedit -am 'hostname' I have this error: smbldap_search_domain_info: Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=OFFICE.KENS.PL))] smbldap_open_connection: connection opened ldap_connect_system: succesful connection to the LDAP server

...files libnss_ldap.conf host xx.xx.xx.xx base dc=xxx,dc=xxxxx,dc=xxx binddn cn=Administrator,dc=xxx,dc=xxxxx,dc=xxx bindpw xxxxxxx timelimit 50 bind_timelimit 50 bind_policy hard idle_timelimit 3600 pam_password exop nss_base_passwd dc=xxx,dc=xxxxx,dc=xxx nss_base_shadow dc=xxx,dc=xxxxx,dc=xxx nss_base_group dc=xxx,dc=xxxxx,dc=xxx ssl off Thank you, Wasil.

...= yes guest ok = yes read only = yes ================ /etc/ldap.conf uri ldap://x.x.x.x base dc=test binddn cn=Directory Manager bindpw xxxx #pam_password exop #pam_filter objectclass=sambaSamAccount nss_base_passwd ou=Users,dc=test nss_base_shadow ou=Users,dc=test nss_base_group ou=NTGroups,dc=test ssl no

...ret rootbinddn cn=admin,dc=example,dc=com scope sub bind_policy soft pam_filter objectclass=posixAccount pam_login_attribute uid pam_check_host_attr yes pam_member_attribute memberUid pam_password md5 nss_base_passwd ou=people,dc=example,dc=com?sub nss_base_passwd ou=computers,dc=example,dc=com?sub nss_base_group ou=groups,dc=example,dc=com?sub And the smbldap.conf: SID="S-1-5-21-158730468-2379596502-3695168017" sambaDomain="REALM" slaveLDAP="127.0.0.1" slavePort="389" masterLDAP="127.0.0.1" masterPort="389" ldapTLS="0" verify="re...

...0F0Z2JBKzVyYTFLN2VwVzVIOGlUM3h3PQ== The machine is in group ou=hardware. My /etc/ldap.conf is: URI ldap://localhost:389/ BASE dc=bbs1-emden,dc=schule pam_filter objectclass=posixAccount pam_login_attribute uid nss_base_passwd ou=accounts,dc=bbs1-emden,dc=schule?one nss_base_group ou=groups,dc=bbs1-emden,dc=schule?one My smb.conf is: [global] workgroup = BBS1_EMDEN passdb backend = ldapsam:ldap://fileserver idmap backend = ldapsam:ldap://fileserver ldap suffix = dc=bbs1-emden,dc=schule ldap user suffix = ou=accounts l...

...count)(description=lauterbur) ##nss_base_passwd ou=people,dc=lcni,dc=uoregon,dc=edu nss_base_passwd ou=People,dc=lcni,dc=uoregon,dc=edu nss_base_passwd ou=Computers,dc=lcni,dc=uoregon,dc=edu ##nss_base_shadow ou=people,dc=lcni,dc=uoregon,dc=edu nss_base_shadow ou=People,dc=lcni,dc=uoregon,dc=edu ##nss_base_group ou=group,dc=lcni,dc=uoregon,dc=edu nss_base_group ou=Groups,dc=lcni,dc=uoregon,dc=edu This is maddening, as it is standing in the way of my migration from TAS to Samba+LDAP. I am pathetically in need of assistance, any suggestions would be appreciated. Regards, Chuck Theobald System Administra...

...timelimit 30 bind_policy soft idle_timelimit 3600 nss_initgroups_ignoreusers root,ldap # pam config #pam_password md5 pam_password md5 # config for nss nss_base_passwd ou=people,dc=ourdomain,dc=com?one nss_base_shadow ou=people,dc=ourdomain,dc=com?one nss_base_group ou=group,dc=ourdomain,dc=com?one # OpenLDAP SSL mechanism # start_tls mechanism uses the normal LDAP port, LDAPS typically 636 ssl no # OpenLDAP SSL options # Require and verify server certificate (yes/no) #tls_checkpeer yes # CA certificates for server cert...

...files dns wins /etc/ldap.conf host 127.0.0.1 base dc=prefix1,dc=prefix2,dc=com binddn cn=Manager,dc=prefix1,dc=prefix2,dc=com bindpw secret pam_password exop nss_base_passwd ou=People,dc=prefix1,dc=prefix2,dc=com?one nss_base_shadow ou=People,dc=prefix1,dc=prefix2,dc=com?one nss_base_group ou=Group,dc=prefix1,dc=prefix2,dc=com?one ssl no /etc/openldap/idmap.ldif dn: dc=prefix1,dc=prefix2,dc=com objectClass: dcObject objectClass: organization dc: prefix1.prefix2 o: xxx description: xxx dn: cn=Manager,dc=prefix1,dc=prefix2,dc=com objectClass: organizationalRole cn: Manager d...

...timelimit 30 bind_policy soft idle_timelimit 3600 nss_initgroups_ignoreusers root,ldap # pam config #pam_password md5 pam_password md5 # config for nss nss_base_passwd ou=people,dc=ourdomain,dc=com?one nss_base_shadow ou=people,dc=ourdomain,dc=com?one nss_base_group ou=group,dc=ourdomain,dc=com?one # OpenLDAP SSL mechanism # start_tls mechanism uses the normal LDAP port, LDAPS typically 636 ssl no # OpenLDAP SSL options # Require and verify server certificate (yes/no) #tls_checkpeer yes # CA certificates for server cert...

...could be other branch # in the directory access to * by self read by * none Her's my ldap.conf HOST s2.dbb.su.se BASE dc=dbb,dc=su,dc=se rootbinddn cn=nssldap,ou=DSA,dc=dbb,sc=su,dc=se nss_base_passwd dc=dbb,dc=su,dc=se?sub nss_base_shadow dc=dbb,dc=su,dc=se?sub nss_base_group ou=Groups,dc=dbb,dc=su,dc=se?one pam_password md5 tls_checkpeer yes TLS_CACERT /etc/ldap/ca.pem TLS_REQCERT demand ssl start_tls tls_cert /etc/nss/nssldap.pem tls_key /etc/nss/nssldap.key I can neither login through ssh or login when TLSVerifyClient is set to demand or try. Please enlig...

Hello, have some little problems adding user to domain with USRMGR.EXE My System runs on SuSE 9.1 (2.6.5-7.75-default), samba-3.0.4, smbldap-tools-0.8.5, openldap2-2.2.6 If I try to add a new user with USRMGR.EXE I get an error "Access denied", but if I look into LDAP the new user was correctly added to LDAP. If I confirm the error-message and then cancel the "NEW USER"

...server.example.org base dc=example,dc=org binddn cn=config bindpw 1w2345FJ rootbinddn cn=zimbra,dc=example,dc=org timelimit 120 bind_timelimit 120 bind_policy soft idle_timelimit 3600 nss_base_passwd ou=people,dc=example,dc=org?one nss_base_shadow ou=people,dc=example,dc=org?one nss_base_group ou=groups,dc=example,dc=org?one nss_base_hosts ou=machines,dc=example,dc=org?one nss_initgroups_ignoreusers root,ldap,named,avahi,haldaemon,dbus,radvd,tomcat,radiusd,news,mailman uri ldap://server.example.org ssl no tls_cacertdir /etc/openldap/cacerts pam_password md5 smbldap.c...

I'm about ready to smash my head through a wall...I could use a few answers. 1. When using security = ads, and completing net ads join, it was my understanding that samba authenticated username/pword against ads, and local posix accounts were nolonger needed, is this true? 2. If yes, I have not been able to get it to work. If I have a posix user account with the same name as one in

...ldap/server.key tls_cacertfile /etc/openldap/ca.crt base dc=xxxx,dc=xxxx,dc=com binddn cn=Manager,dc=xxxx,dc=xxxx,dc=com bindpw TTTTT nss_base_passwd ou=Users,dc=xxxx,dc=xxxx,dc=com?one nss_base_passwd ou=Computers,dc=xxxx,dc=xxxx,dc=com?one nss_base_shadow ou=Users,dc=xxxx,dc=xxxx,dc=com?one nss_base_group ou=Groups,dc=xxxx,dc=xxxx,dc=com?one nss_base_hosts ou=Hosts,dc=xxxx,dc=xxxx,dc=com?one pam_password md5 /etc/samba/smb.conf - Just the global portion. *********************************** [global] # Your Workgroup Name workgroup = TEST-PURPLE # Server name n...