Hello list! I believe I may not have a Samba problem, but rather an LDAP directory problem. I'm hoping to be redirected towards a more appropriate mailing list to which I can post.
I have a Slackware server running Samba and OpenLDAP, and my WinXP clients authenticate just fine. I migrated from an smbpasswd backend to OpenLDAP with a BD backend some time ago, using the migration tools provided with smbldap-tools. Everything has been working fine. I now want to bring a Ubuntu workstation online, and authenticate to the same LDAP database. I've understood that my previous approach was wrong (trying to somehow get the Ubuntu box to join the domain), and that I instead need to use nss and pam to point directly to the LDAP database on the Slackware server. So far, so good. Ubuntu packages sourced and installed. Executing "getent group" on the Ubuntu client produces the expected results. Executing "getent passwd" does not; it only shows me a subset of the user accounts (notably, not my own account which was created prior to migration). Fiddling about with a couple of Windows-based ldap query clients, I can see that there seem to be some differences between accounts that were created pre-migration and those created post-migration. As an example, accounts created post-migration seem to have different "objectClass" attributes and values associated with them than do accounts created pre-migration - and the post-migration accounts are all visible with "getent passwd" on the Ubuntu client. Also, the pre-migration accounts have the "account" objectClass associated with them, while the post-migration accounts have the "person" objectClass associated with them. The post-migration accounts also seem to have the "posixAccount" object class associated with them. There are other differences, but these strike me (in my ignorance) as possibly being the source of the problem. In case it isn't obvious, I have zero LDAP experience other than this futzing around I'm doing. It seems fairly obvious that I need to somehow alter the pre-migration accounts in some way to make them more like the post-migration accounts, such that I can then log onto the Ubuntu client with the same user ID with which I log onto the WinXp clients. I'm reluctant to do much so far, in fear that I'll manage to irreparably damage the pre-migration accounts (somehow lose the SID, etc) such that they'll need to be re-created, with all the pain that entails on the WinXP clients (I use local profiles only on the WinXP boxes). So, as I said, probably not a Samba problem per se. Would someone be so kind as to suggest the proper list in which I can post this problem? Thanks very much in advance. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
