Re: Samba auth on replicated LDAP: no admin user

On 06-12-15 at 18:45, Quanah Gibson-Mount wrote:
> --On Sunday, December 06, 2015 2:19 PM +0100 Paul van der Vlis
> <paul@vandervlis.nl> wrote:
>> Hello,
>> I have a replicated LDAP and a few Windows PCs that want to
>> authenticate using Samba. Normally I use "smbpasswd -w" to give the ldap
>> admin dn, but because it's replicated there is no ldap admin!
>> Is there a way to authenticate using a replicated LDAP?
> I've no clue what you mean here.  If the data is replicated, then the
> same data that is on the master is on the replica, and one can
> authenticate to the replica just like they would to the master.

You would say, but that's not the case. On the replica I don't have an
"admin" user. When I do:

ldapsearch -x -b "cn=admin,dc=domain,dc=nl" -H ldapi:///

On the replica I get: "no such object".
On the master  I get: "0 Success".

The replicated LDAP works fine with Linux.

I don't care whether the LDAP admin user is replicated or the replicated server
has its own admin user. But I need an admin user with a password.

These are the settings on the replica:
  retry="60 +"

> I'm guessing what you mean is that portions of Samba unique to samba
> that have nothing to do with LDAP are not present, and thus samba
> related tools don't work.  I'd suggest discussing with the Samba folks
> on how to properly replicate Samba environments.

Samba is using the LDAP admin user. This user does not work on the
replica. So first I want to have that correct and I expect it will work

With regards,
Paul van der Vlis.

