I think I'm going to write a how to about this stuff because what
documentation is out there sucks.
It takes a bit of time to get into the ldap mindset but this is basically how
it works .
Get a samba rpm which has been compiled with ldap support ( or compile 2.7
with the right flags )
Follow the instructions in the samba project documentation for setting up a
samba pdc using ldap authentication.
Now you have to create a password entry for every user that you want
in your domain . So if you are adding paul you have to do
Then you use the script ( /usr/share/samba/scripts/smbldap-useradd.pl -a -u
1300 -m -P paul ) that samba provides to set up a samba workstation account
for the user, this is rather that using the usual smbpasswd to add them to
Now this is basically a duplication of effort so hence the interest in the
nsswitch stuff. The problem ? with samba is that it needs a user account for
each samba account which make sense I suppose.
But if you do the stuff with the nsswitch.conf ( see the earlier email that I
sent ) then you dont have to go to the trouble of creating system users
because the smbldap-useradd.pl script creates all the posix stuff for you
I'm going to leave it at that for now, I'm going to have to write an internal
setup document anyway so when I get it done I'll post to the list.
If any of you want the configuration files that I've got for my test setup
just mail me and I'll send them over to you.
The LDAP rocks !!!!!
On Thursday 19 December 2002 14:02, Paul Reilly wrote:
> Hi Bryan,
>> > address book, unix login, domain authentication for windoze
> > boxes .... hmmm what else can I add into i
>> Interesting that you've got this setup with windows too.
> Is it transparent? Do you need to do any client side config
> on the windows boxes, or do they just see it as a PDC ?
> Are you using Samba with LDAP to do this?
> How many windows boxes do you have authenticating with it?
>> nice one,
Systems Enginering Manager
Ossidian Technologies Ltd
Tel +353-1-2787111 Fax +353-1-2787136
See us at :-
18-21 February 2003
Palais des Festivals
Ireland Stand No: B22, Hall 1
IMPORTANT :- The contents of this email are confidential and may contain
legally privileged information. If you are not a named addressee, please
notify the sender. We take reasonable precautions using Sophos anti-virus
software to ensure that all data generated by us has been checked for viruses
and accept no responsibility in this regard
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!