[Samba] Samba 3.0.25a idmap_ldap "ldap suffix" used instead of "idmap config <DOMAIN>:ldap_base_dn" - Samba
This is a discussion on [Samba] Samba 3.0.25a idmap_ldap "ldap suffix" used instead of "idmap config <DOMAIN>:ldap_base_dn" - Samba ; Hi, I'm trying to setup a samba domain controler trusting a NT4 domain. and want to use Idmap information already stored in an LDAP location. smb.conf snippets are below. I'm not getting this to work. What I see, reading log.winbindd-idmap ...
 |
| | LinkBack | Tools |
|
#1
10-07-2007, 12:41 PM
| |||
| |||
 [Samba] Samba 3.0.25a idmap_ldap "ldap suffix" used instead of "idmap config <DOMAIN>:ldap_base_dn" I'm trying to setup a samba domain controler trusting a NT4 domain. and want to use Idmap information already stored in an LDAP location. smb.conf snippets are below. I'm not getting this to work. What I see, reading log.winbindd-idmap at log level 10 is that search for Idmap entries seems to use the "ldap suffix" parameter instead of the idmap config it starts at ou=Trusting,ou=MyAccounts,o=Universitaet Marburg,c=DE while it should start at ou=Idmap,ou=Trusted,ou=MyAccounts,o=Universitaet Marburg,c=DE Any hints? regards, Wolfgang Ratzka ------------------------------------------- [global] (...) workgroup = TRUSTING server string = %h security = user encrypt passwords = true obey pam restrictions = No passdb expand explicit = No domain logons = Yes preferred master = Yes os level = 65 domain master = Yes enable privileges = Yes logon home = logon path = passdb backend = ldapsam:ldap://somewhere.uni-marburg.de/ ldap ssl = start_tls ldap admin dn = uid=samba,ou=Access,o=Universitaet Marburg,c=DE ldap suffix = ou=Trusting,ou=MyAccounts,o=Universitaet Marburg,c=DE ldap group suffix = ou=Groups ldap user suffix = ou=People ldap machine suffix = ou=Computers ldap passwd sync = Yes ldap delete dn = Yes # Idmap for trusted Domain TRUSTED should come from LDAP idmap domains = TRUSTED idmap config TRUSTED:backend = ldap idmap config TRUSTED:readonly = yes idmap config TRUSTED:ldap_base_dn = ou=Idmap,ou=Trusted,ou=MyAccounts,o=Universitaet Marburg,c=DE idmap config TRUSTED:ldap_user_dn = uid=sambaanon,ou=Access,o=Universitaet Marburg,c=DE idmap config TRUSTED:ldap_url = ldaps://somewhere.Uni-Marburg.DE/ idmap config TRUSTED:range = 80000-90000 -- Wolfgang Ratzka Phone: +49 6421 2823531 FAX: +49 6421 2826994 Uni Marburg, HRZ, Hans-Meerwein-Str., D-35032 Marburg, Germany -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba  |
|
« Previous Thread
|
Next Thread »
| Tools | |
| |
Similar Threads | ||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| [Samba] When I activate "csc policy = disable" the "root preexec" scripts stop working | unix | Samba | 0 | 11-11-2007 08:10 PM |
| [Samba] Groups "Domain Admins" and "ntadmin" | unix | Samba | 0 | 10-08-2007 02:54 AM |
| [Samba] Add 2003 machine to samba domain: "Application popup: Windows - System Error : A duplicate name exists on the network." | unix | Samba | 1 | 10-07-2007 12:43 PM |
| [Samba] "winbind enum = yes" ... oreilly samba books says "turn off" ... but things break. confused :-( | unix | Samba | 3 | 10-07-2007 12:43 PM |
| [Samba] Weird behaviour when using "kernel oplocks = yes" leading to "corrupt" files - bug in samba? | unix | Samba | 1 | 10-07-2007 12:41 PM |
All times are GMT. The time now is 09:59 AM.