Hello,

            First, excuse me if this message is not in the right mailing list: I have 
not found a samba-ldap forum.
        I try to use Samba-LDAP with my own object class but I cannot manage using 
another attribute than 'uid' for the user ID.

        Here is my objectClass:
--------------- myClass.schema -----------------------------------
attributeType ( 1.3.6.1.4.1.13460.1.18.1
        NAME          'login'
        DESC     'login used by linux'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )

objectClass ( 1.3.6.1.4.1.13460.2.18.1
        NAME   'myPerson'
        SUP    TOP
        STRUCTURAL
        MUST   ( login ) )
-----------------end - myClass -------------------------------
         
                 My smb.conf is the following one (only an extract):
------------------ smb.conf -----------------------------
    ldap admin dn = "cn=manager,id=1"
    ldap server = 10.0.1.10
    ldap ssl = off
    ldap port = 389
    ldap suffix = "id=1.3.3,id=1.3,id=1"  
    ldap filter = "(&(login=%u)(objectclass=sambaAccount))"              
------------------ end - smb.conf ---------------------

               The file /etc/ldap.conf
------------------- ldap.conf -----------------------
          pam_login_attribute uid
          pam_filter objectclass=myPerson       
------------ end - ldap.conf ----------------------


             The file /etc/nsswitch.conf (on the directory server and on the samba server):
----------- nsswitch.conf --------------------
nss_base_passwd id=1.3.3,id=1.3,id=1
nss_base_shadow id=1.3.3,id=1.3,id=1

nss_map_attribute    uid     login
nss_map_attribute    userid  login
---------- end - nsswitch.conf ------------
              

           and my person:
----------- myperson.ldif ------------------
dn: uid=FR750034,id=1.3.3,id=1.3,id=1
loginShell: /bin/bash
objectClass: myPerson
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: sambaAccount
objectClass: account
objectClass: posixAccount
objectClass: top
objectClass: qmailUser
sn: Smith
gidNumber: 100
gecos: Teddy Smith
uidNumber: 502
login: ted
mail: [EMAIL PROTECTED]
qmailUID: 502
qmailGID: 100
givenName: teddy
homeDirectory: /homes/teddy
uid: FR750034
logonTime: 0
cn:: TWF0dGhpZXUgVHVycGF1bHQg
rid: 103
primaryGroupID: 103
-------- end - myperson.ldif -------------



           When I try to open a home directory with a Windows client, an authentication 
request is displayed but it comes back after each test.
           The log file of the directory:


---------- Log file of Openldap -----------
Sep 23 12:08:44 therese slapd[1745]: conn=164 op=51 SEARCH RESULT tag=101 err=0 text=
Sep 23 12:08:44 therese slapd[1833]: conn=164 op=52 SRCH base="id=1.3.3,id=1.3,id=1" scope=2 filter="(&(objectClass=posixAccount)(login=ted))"
Sep 23 12:08:44 therese slapd[1833]: conn=164 op=52 SEARCH RESULT tag=101 err=0 text=
Sep 23 12:08:44 therese slapd[1731]: daemon: conn=268 fd=23 connection from IP=10.0.1.12:32921 (IP=0.0.0.0:34049) accepted.
Sep 23 12:08:44 therese slapd[1736]: conn=268 op=0 BIND dn="CN=MANAGER,ID=1" method=128
Sep 23 12:08:44 therese slapd[1736]: conn=268 op=0 RESULT tag=97 err=0 text=
Sep 23 12:08:44 therese slapd[2330]: conn=268 op=1 SRCH base="id=1.3.3,id=1.3,id=1" scope=2 filter="(&(login=ted)(objectClass=sambaAccount))"
Sep 23 12:08:44 therese slapd[2330]: conn=268 op=1 SEARCH RESULT tag=101 err=0 text=
Sep 23 12:08:44 therese slapd[2331]: conn=164 op=53 SRCH base="id=1.3.3,id=1.3,id=1" scope=2 filter="(&(objectClass=posixAccount)(login=FR750034))"
Sep 23 12:08:44 therese slapd[2331]: conn=164 op=53 SEARCH RESULT tag=101 err=0 text=
Sep 23 12:08:44 therese slapd[1745]: conn=268 op=2 UNBIND
Sep 23 12:08:44 therese slapd[1745]: conn=-1 fd=23 closed
Sep 23 12:08:44 therese slapd[1731]: daemon: conn=269 fd=23 connection from IP=10.0.1.12:32922 (IP=0.0.0.0:34049) accepted.
Sep 23 12:08:44 therese slapd[1833]: conn=269 op=0 BIND dn="CN=MANAGER,ID=1" method=128
Sep 23 12:08:44 therese slapd[1833]: conn=269 op=0 RESULT tag=97 err=0 text=
Sep 23 12:08:44 therese slapd[1731]: deferring operation
Sep 23 12:08:44 therese slapd[1736]: conn=269 op=1 SRCH base="id=1.3.3,id=1.3,id=1" scope=2 filter="(&(login=ted)(objectClass=sambaAccount))"
Sep 23 12:08:44 therese slapd[1736]: conn=269 op=1 SEARCH RESULT tag=101 err=0 text=
Sep 23 12:08:44 therese slapd[2330]: conn=164 op=54 SRCH base="id=1.3.3,id=1.3,id=1" scope=2 filter="(&(objectClass=posixAccount)(login=FR750034))"
Sep 23 12:08:45 therese slapd[2330]: conn=164 op=54 SEARCH RESULT tag=101 err=0 text=
Sep 23 12:08:45 therese slapd[2331]: conn=269 op=2 UNBIND
Sep 23 12:08:45 therese slapd[1745]: conn=164 op=55 SRCH base="id=1.3.3,id=1.3,id=1" scope=2 filter="(&(objectClass=posixAccount)(login=ted))"
Sep 23 12:08:45 therese slapd[2331]: conn=-1 fd=23 closed
Sep 23 12:08:45 therese slapd[1745]: conn=164 op=55 SEARCH RESULT tag=101 err=0 text=
--------end- Log file of Openldap -----------


            The directory /homes/ted exists and is owned by mat.users.
        
        Do you have a clue?

Thanks in advance


Matthieu