On 06-12-15 at 18:45, Quanah Gibson-Mount wrote:
> --On Sunday, December 06, 2015 2:19 PM +0100 Paul van der Vlis
> <[email protected]> wrote:
>
>> Hello,
>>
>> I have a replicated LDAP and a few Windows PCs that want to
>> authenticate using Samba. Normally I use "smbpasswd -w" to give the ldap
>> admin dn, but because it's replicated there is no ldap admin!
>>
>> Is there a way to authenticate using a replicated LDAP?
>
> I've no clue what you mean here. If the data is replicated, then the
> same data that is on the master is on the replica, and one can
> authenticate to the replica just like they would to the master.

You would say, but that's not the case. On the replica I don't have an
"admin" user.

When I do:

    ldapsearch -x -b "cn=admin,dc=domain,dc=nl" -H ldapi:///

On the replica I get: "no such object".
On the master I get: "0 Success".

The replicated LDAP works fine with Linux.

I don't care whether the LDAP admin user is replicated or the replicated
server has its own admin user. But I need an admin user with a password.

These are the settings on the replica:

    provider=ldaps://ldap.domain.nl
    searchbase=dc=domain,dc=nl
    type=refreshAndPersist
    schemachecking=on
    interval=00:01:00:00
    bindmethod=simple
    tls_reqcert=never
    tls_cacert=/etc/ssl/certs/CAself-cert.pem
    retry="60 +"
    binddn="dc=domain,dc=nl"
    credentials=xxxxx

> I'm guessing what you mean is that portions of Samba unique to samba
> that have nothing to do with LDAP are not present, and thus samba
> related tools don't work. I'd suggest discussing with the Samba folks
> on how to properly replicate Samba environments.

Samba is using the LDAP admin user. This user does not work on the
replica. So first I want to have that correct and I expect it will work
then.

With regards,
Paul van der Vlis.

--
Paul van der Vlis Linux systeembeheer Groningen
https://www.vandervlis.nl/
