search for: nss_base_shadow

...ED On Mon, 2004-07-19 at 19:34, Jos? Ildefonso Camargo Tolosa wrote: > >http://samba.idealx.org/smbldap-howto.fr.html as you > >recommended. I have one big question, which one do I > >put in '/etc/ldap.conf' > > > >nss_base_passwd dc=wbcoll,dc=edu?one > >nss_base_shadow dc=wbcoll,dc=edu?one > >nss_base_group ou=Groups,dc=wbcoll,dc=edu?one > > > >or > > > >nss_base_passwd ou=Users,dc=wbcoll,dc=edu?one > >nss_base_shadow ou=Users,dc=wbcoll,dc=edu?one > >nss_base_group ou=Groups,dc=wbcoll,dc=edu?one &gt...

...ted), there is a note wich says that the computers account must be inside the People container due to an error in samba. Is this true?, or can it be due to the config of the nss-ldap and the pam-ldap modules wich is on the book?: (....) > nss_base_passwd ou=People,dc=abmas,dc=biz?one > nss_base_shadow ou=People,dc=abmas,dc=biz?one > nss_base_group ou=Groups,dc=abmas,dc=biz?one (....) The original config look for user account (including the computers ones) only on the container People, so, when the computers accounts are created, the nss and pam doesn't look at them, and samba would fa...

...uide/happy.html#sbehap-nss01 host 127.0.0.1 #base dc=abmas,dc=biz base dc=sysgenmedia,dc=com ldap_version 3 binddn cn=manager,dc=sysgenmedia,dc=com bindpw MyPassWord timelimit 50 bind_timelimit 50 bind_policy hard idle_timelimit 3600 pam_password exop #nss_base_passwd ou=People,dc=abmas,dc=biz?one #nss_base_shadow ou=People,dc=abmas,dc=biz?one #nss_base_group ou=Groups,dc=abmas,dc=biz?one nss_base_passwd ou=People,dc=sysgenmedia,dc=com?one nss_base_shadow ou=People,dc=sysgenmedia,dc=com?one nss_base_group ou=Groups,dc=sysgenmedia,dc=com?one ssl off ## end file: /etc/nsswitch.conf -- Noah Dain "I d...

Hi, I have running LDAP + SAMBA as PDC on gentoo and I have problem with adding machine account. Whem I try add machine account with pdbedit -am 'hostname' I have this error: smbldap_search_domain_info: Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=OFFICE.KENS.PL))] smbldap_open_connection: connection opened ldap_connect_system: succesful connection to the LDAP server

...rity/pam_limits.so session required /lib/security/pam_unix.so session optional /lib/security/pam_ldap.so My /etc/ldap.conf is setup as (world readable): base dc=pds-support,dc=net rootbinddn cn=nssldap,ou=DSA,dc=pds-support,dc=net nss_base_passwd dc=pds-support,dc=net?sub nss_base_shadow dc=pds-support,dc=net?sub nss_base_group ou=Groups,dc=pds-support,dc=net?one ssl no pam_password md5 and my /etc/nsswitch.conf (world readable) passwd: files ldap shadow: files ldap group: files ldap I have /etc/ldap.secret set to world readable atm moment with the...

Hello, have some little problems adding user to domain with USRMGR.EXE My System runs on SuSE 9.1 (2.6.5-7.75-default), samba-3.0.4, smbldap-tools-0.8.5, openldap2-2.2.6 If I try to add a new user with USRMGR.EXE I get an error "Access denied", but if I look into LDAP the new user was correctly added to LDAP. If I confirm the error-message and then cancel the "NEW USER"

...+ winbind enum users = yes winbind enum groups = yes idmap gid = 10000-20000 idmap uid = 10000-20000 #use nss_winbind = yes template homedir = /home/samba/%D/%U template shell = /bin/false ldap.conf #nss_base_passwd ou=People,dc=example,dc=com?one nss_base_passwd dc=example,dc=com #nss_base_shadow ou=People,dc=example,dc=com?one nss_base_shadow dc=example,dc=com ______________________________________________________________________ This email transmission and any documents, files or previous email messages attached to it may contain information that is confidential...

...ound." This is from the w2k machine itself. The release notes for 3.0.11 seem to say adding machines under ou=Computers should work. The IDEALX Samba-OpenLDAP Howto (Revision 1.9) seems to indicate it should work. But ldap.conf needs to be set to: nss_base_passwd dc=somewhere,dc=net?sub nss_base_shadow dc=somewhere,dc=net?sub nss_base_group ou=Group,dc=somewhere,dc=net?one (I did this.) The IDEALX Smbldap-tools User Manual (Release:0.8.7) In section 6.9 on page 18 says no, _unless_ you apply the fix as listed above. Note that the IDEALX howtos were released after Samba 3.0.11. I'...

...p.con on ldap server (FreeBSD 8.1) host LBSD.summitnjhome.com base dc=summitnjhome,dc=com sudoers_base ou=sudoers,ou=Services,dc=summitnjhome,dc=com binddn cn=pam_ldap,ou=Services,dc=summitnjhome,dc=com bindpw {SSHA}secret scope sub pam_password exop nss_base_passwd ou=staff,dc=summitnjhome,dc=com nss_base_shadow ou=staff,dc=summitnjhome,dc=com # grep for ldap account shows ldap account on the ldap server itself succeeds [root at LBSD2:/usr/local/etc/openldap] #getent passwd | grep walbs walbs:secret/:1002:1003:Walkiria Soares:/home/walbs:/usr/local/bin/bash [root at LBSD2:/usr/local/etc/openldap] #grep...

...iles publickey: nisplus netgroup: files libnss_ldap.conf host xx.xx.xx.xx base dc=xxx,dc=xxxxx,dc=xxx binddn cn=Administrator,dc=xxx,dc=xxxxx,dc=xxx bindpw xxxxxxx timelimit 50 bind_timelimit 50 bind_policy hard idle_timelimit 3600 pam_password exop nss_base_passwd dc=xxx,dc=xxxxx,dc=xxx nss_base_shadow dc=xxx,dc=xxxxx,dc=xxx nss_base_group dc=xxx,dc=xxxxx,dc=xxx ssl off Thank you, Wasil.

.../samba/drivers browseable = yes guest ok = yes read only = yes ================ /etc/ldap.conf uri ldap://x.x.x.x base dc=test binddn cn=Directory Manager bindpw xxxx #pam_password exop #pam_filter objectclass=sambaSamAccount nss_base_passwd ou=Users,dc=test nss_base_shadow ou=Users,dc=test nss_base_group ou=NTGroups,dc=test ssl no

..."0" /etc/ldap.conf ********************** host server.example.org base dc=example,dc=org binddn cn=config bindpw 1w2345FJ rootbinddn cn=zimbra,dc=example,dc=org timelimit 120 bind_timelimit 120 bind_policy soft idle_timelimit 3600 nss_base_passwd ou=people,dc=example,dc=org?one nss_base_shadow ou=people,dc=example,dc=org?one nss_base_group ou=groups,dc=example,dc=org?one nss_base_hosts ou=machines,dc=example,dc=org?one nss_initgroups_ignoreusers root,ldap,named,avahi,haldaemon,dbus,radvd,tomcat,radiusd,news,mailman uri ldap://server.example.org ssl no tls_cac...

...ogin_attribute uid pam_filter objectclass=myPerson ------------ end - ldap.conf ---------------------- The file /etc/nsswitch.conf ( on the directory server and on the samba server): ----------- nsswitch.conf -------------------- nss_base_passwd id=1.3.3,id=1.3,id=1 nss_base_shadow id=1.3.3,id=1.3,id=1 nss_map_attribute uid login nss_map_attribute userid login ---------- end - nsswitch.conf ------------ and my person: ----------- myperson.ldif ------------------ dn: uid=FR750034,id=1.3.3,id=1.3,id=1 loginShell: /bin/bash objectClass: myP...

Hi all, I've setup Samba 3.0.5 + OpenLDAP (ldapsam) and everything work correctly. However, while my Windows 200x workstation join the domain, I need to join it twice. Here is what I do: 1. Go to Computer properties -> Computer Name -> Change 2. Enter the new domain name 3. Enter Administrator and password then, it will return me that the user name cannot be found. I've checked

...start_tls tls_cacertfile /usr/local/etc/cacert.pem tls_ciphers HIGH pam_filter &(objectClass=posixAccount)(description=lauterbur) ##nss_base_passwd ou=people,dc=lcni,dc=uoregon,dc=edu nss_base_passwd ou=People,dc=lcni,dc=uoregon,dc=edu nss_base_passwd ou=Computers,dc=lcni,dc=uoregon,dc=edu ##nss_base_shadow ou=people,dc=lcni,dc=uoregon,dc=edu nss_base_shadow ou=People,dc=lcni,dc=uoregon,dc=edu ##nss_base_group ou=group,dc=lcni,dc=uoregon,dc=edu nss_base_group ou=Groups,dc=lcni,dc=uoregon,dc=edu This is maddening, as it is standing in the way of my migration from TAS to Samba+LDAP. I am pathetically...

...es down wmodes Aug 11, 2008 timelimit 30 bind_timelimit 30 bind_policy soft idle_timelimit 3600 nss_initgroups_ignoreusers root,ldap # pam config #pam_password md5 pam_password md5 # config for nss nss_base_passwd ou=people,dc=ourdomain,dc=com?one nss_base_shadow ou=people,dc=ourdomain,dc=com?one nss_base_group ou=group,dc=ourdomain,dc=com?one # OpenLDAP SSL mechanism # start_tls mechanism uses the normal LDAP port, LDAPS typically 636 ssl no # OpenLDAP SSL options # Require and verify server certificate (yes/no) #tls_ch...

...mpat ldap shadow: compat ldap group: compat ldap hosts: files dns wins /etc/ldap.conf host 127.0.0.1 base dc=prefix1,dc=prefix2,dc=com binddn cn=Manager,dc=prefix1,dc=prefix2,dc=com bindpw secret pam_password exop nss_base_passwd ou=People,dc=prefix1,dc=prefix2,dc=com?one nss_base_shadow ou=People,dc=prefix1,dc=prefix2,dc=com?one nss_base_group ou=Group,dc=prefix1,dc=prefix2,dc=com?one ssl no /etc/openldap/idmap.ldif dn: dc=prefix1,dc=prefix2,dc=com objectClass: dcObject objectClass: organization dc: prefix1.prefix2 o: xxx description: xxx dn: cn=Manager,dc=prefi...

...es down wmodes Aug 11, 2008 timelimit 30 bind_timelimit 30 bind_policy soft idle_timelimit 3600 nss_initgroups_ignoreusers root,ldap # pam config #pam_password md5 pam_password md5 # config for nss nss_base_passwd ou=people,dc=ourdomain,dc=com?one nss_base_shadow ou=people,dc=ourdomain,dc=com?one nss_base_group ou=group,dc=ourdomain,dc=com?one # OpenLDAP SSL mechanism # start_tls mechanism uses the normal LDAP port, LDAPS typically 636 ssl no # OpenLDAP SSL options # Require and verify server certificate (yes/no) #tls_ch...

...e # this can be omitted but we leave it: there could be other branch # in the directory access to * by self read by * none Her's my ldap.conf HOST s2.dbb.su.se BASE dc=dbb,dc=su,dc=se rootbinddn cn=nssldap,ou=DSA,dc=dbb,sc=su,dc=se nss_base_passwd dc=dbb,dc=su,dc=se?sub nss_base_shadow dc=dbb,dc=su,dc=se?sub nss_base_group ou=Groups,dc=dbb,dc=su,dc=se?one pam_password md5 tls_checkpeer yes TLS_CACERT /etc/ldap/ca.pem TLS_REQCERT demand ssl start_tls tls_cert /etc/nss/nssldap.pem tls_key /etc/nss/nssldap.key I can neither login through ssh or login when TLSVeri...

...could use some advice. Thanks in advance, Dermot. ================ ldap.conf ========= base dc=example,dc=co,dc=uk host localhost rigel.example.co.uk binddn cn=admin,dc=example,dc=co,dc=uk bindpw mysecret bind_policy soft pam_password exop timelimit 15 nss_base_passwd dc=example,dc=co,dc=uk?one nss_base_shadow dc=example,dc=co,dc=uk?one nss_base_passwd ou=Computers,dc=example,dc=co,dc=uk?one nss_base_shadow ou=Computers,dc=example,dc=co,dc=uk?one nss_base_group ou=Groups,dc=example,dc=co,dc=uk?one ssl off ====================================== ================= smb.conf ============= [global] dos char...