[ldap] Few questions

Mon, 22 May 2006 11:15:37 -0700 

(i think i had problem to send this message on friday.. so repeating...)
Hi Adam!
Thanks for answer.

On 5/20/06, Adam Tauno Williams <[EMAIL PROTECTED]> wrote:

> After almost one month trying to configure my system with:
> .               MigrationTools-47  nss_ldap-249     pam_ldap-180
> ..              openldap-2.3.20  samba-3.0.22     Linux-PAM-0.80
> db-4.4.20
> I come here again because i could not find any information on Internet
> that fix my problem or helped me to see what i am doing wrong.
> So, let's start from the beginning. First of all, i could be
> authenticated and authorized by ldap and pam before using samba.
> Now, I'm trying to do the same with Windows-machine and using
> smbldap-tools to create users for both situation (posix account for
> linux and posix + sambasamaccount for windows) but nothing works
> anymore.

Adding Samba stopped PAM for working?  Did you change any ACLs?


I change my ACL but i think it is ok for validation.

access to *
  by dn="cn=admin,dc=xxx" write
  by users read
  by self write
  by * read




> My LDAP-tree is ok, i think. I can see it using ldasearch, edit, etc.
> My windows-machine recognizes samba as PDC but i can't log in even with root.

You 'upgraded' your posix account objects to have a sambasamaccount
objectclass?


Actually i created every user using only smbldap-tools. (i deleted my
last db and created one new using smbldap-tools.
So.. my answer is yes, because smbldap-tools do that as default and i
can see this objectclass in my LDAP-tree.



> Because i have a lot of configuration files maybe i'm a little bit
> lost. (a little.. :) ). Should i put everything here?

Does "id" (nss) work?  Such as "id {username}"?


Well, i did not try "id username" but i could find all of my users and
groups by "getent group or passwd username". I think it will be the
same, don't you agree?




> I know that some questions don't belong here but i am afraid to ask in
> each group of each program (group of ldap, group of samba, group of
> pam, etc.) because i think they are completely integrated in my case.

If it worked before you added Samba, what in you Dit did you change?



I did not understand your last question. What "Dit" means?
Anyway.. before i had just linux machines and now i am trying to use
with windows machine too.


Greetings!
Marcelo

---
You are currently subscribed to ldap@umich.edu as: [EMAIL PROTECTED]
To unsubscribe send email to [EMAIL PROTECTED] with the word UNSUBSCRIBE as the 
SUBJECT of the message.

Reply via email to