
Re: Samba auth on replicated LDAP: no admin user



On Mon, 7 Dec 2015 10:28:50 +0100,
Paul van der Vlis <paul@vandervlis.nl> wrote:

> 
> 
> On 07-12-15 at 09:50, Dieter Klünter wrote:
> > On Sun, 6 Dec 2015 14:19:23 +0100,
> > Paul van der Vlis <paul@vandervlis.nl> wrote:
> > 
> >> Hello,
> >>
> >> I have a replicated LDAP and a few Windows PCs that want to
> >> authenticate using Samba. Normally I use "smbpasswd -w" to give the
> >> ldap admin dn, but because it's replicated there is no ldap admin!
> > [...]
> > Is this a samba3 or a samba4 server?
> 
> Samba3.
> 
> This is what I use for authentication in smb.conf:
> ---
> passdb backend = ldapsam:ldapi:///
> ldap ssl = off
> ldap suffix = "dc=domain,dc=nl"
> ldap admin dn = "cn=admin,dc=domain,dc=nl"
> ldap machine suffix = ou=machines
> ldap user suffix = ou=users
> ldap group suffix = ou=groups
> ldap delete dn = no
> ---
> 
> So I use the user "cn=admin,dc=domain,dc=nl", and this user does not
> exist on the replicated LDAP when I check it with ldapsearch. So I
> can understand this does not work.

Because you defined rootDN in smb.conf and you have not configured
rootDN. Don't define rootDN in any ldap client configuration, create
instead an object with appropriate administrative authorization. 

-Dieter

-- 
Dieter Klünter | Systemberatung
http://sys4.de
GPG Key ID: E9ED159B
53°37'09,95"N
10°08'02,42"E
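
Added example, not part of the original message or thread: one way to set up the dedicated object the reply recommends, as a bind DN for Samba's ldapsam backend with its own ACL instead of the rootDN. The entry name cn=samba, the database DN olcDatabase={1}mdb,cn=config, and the use of a cn=config backend are assumptions; the password value is a placeholder.

```ldif
# --- File 1: service account entry (constructed example) ---
# Add with ldapadd on the provider so that it replicates to the consumers.
# cn=samba is a hypothetical name; only the suffix comes from the thread.
dn: cn=samba,dc=domain,dc=nl
objectClass: organizationalRole
objectClass: simpleSecurityObject
cn: samba
description: Bind DN for Samba ldapsam (not the rootDN)
# Placeholder: paste a hash generated with slappasswd here.
userPassword: {SSHA}REPLACE_WITH_SLAPPASSWD_OUTPUT

# --- File 2: ACL for that account (constructed example) ---
# Apply with ldapmodify against cn=config on each server.
# olcDatabase={1}mdb is an assumption; use the DN of your own database.
dn: olcDatabase={1}mdb,cn=config
changetype: modify
add: olcAccess
# Password attributes: writable by the Samba account and the owner only.
# If syncrepl binds with its own DN, give that DN read access here as well.
olcAccess: {0}to dn.subtree="dc=domain,dc=nl"
  attrs=userPassword,sambaNTPassword,sambaLMPassword,sambaPwdLastSet
  by dn.exact="cn=samba,dc=domain,dc=nl" write
  by self write
  by anonymous auth
  by * none
# Machine accounts: Samba creates and updates these on domain join.
# "by * break" hands everyone else on to the rules that already exist.
olcAccess: {1}to dn.subtree="ou=machines,dc=domain,dc=nl"
  by dn.exact="cn=samba,dc=domain,dc=nl" write
  by * break
```

With such an entry in place, `ldap admin dn` in smb.conf would name cn=samba,dc=domain,dc=nl, and `smbpasswd -w` would store that account's password rather than the rootDN's.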