> Message: 5 > From: "Matthieu Turpault" <[EMAIL PROTECTED]> > To: "Samba" <[EMAIL PROTECTED]> > Date: Thu, 16 Jan 2003 11:27:30 +0100 > Subject: [Samba] Second Post: Unable to add user with Samba 2.2.7 - LDAP - PDC > > Hello, > > I did not have any response of my first mail. Perhaps I did not be enough > clear: > > Since I have installed the latest version of samba (2.2.7), I can't see > user of my domain with the Win2K User management console. I have try to > change several attribute in my user ( in particular acctFlags ) but I cannot > manage with making my system works. >
(BTW, are you using RPMs or not? If so, which ones please?). > Do you have any idea ? > See below ... > Thanks in advance > > Matthieu Turpault > > Appendice: > - a sample of a user in my LDAP directory > - my first post > > ----------------------------------------------------------- > > ===================================================== > A sample of a user in my LDAP directory: > ===================================================== > > dn: uid=mat,ou=users,o=comelis > loginShell: /bin/bash > objectClass: cmlsPerson > objectClass: top > objectClass: person > objectClass: organizationalPerson > objectClass: inetOrgPerson > objectClass: sambaAccount > objectClass: account > objectClass: posixAccount > objectClass: top > objectClass: qmailUser > sn: Turpault > gecos: Matthieu Turpault > mail: [EMAIL PROTECTED] > qmailGID: 100 > givenName: Matthieu > uidNumber: 1002 > homeDirectory: /homes/matthieu > pwdLastSet: 1042190742 > logonTime: 0 > logoffTime: 2147483647 > kickoffTime: 2147483647 > pwdCanChange: 0 > pwdMustChange: 2147483647 > displayName: Matthieu Turpault > cn: Matthieu Turpault > rid: 998 > primaryGroupID: 999 > acctFlags:: IFtVWCAgICAgICAgIF0= ( ie [UX ] ) > gidNumber: 100 > uid: mat > [...] > > -------------- my smb.conf -------------------- > [global] > workgroup = MDKGROUP > server string = Samba Server %v > log file = /var/log/samba/log.%m > max log size = 5000 > security = user > encrypt passwords = yes > ldap admin dn = "cn=manager,id=1" Should this not be something like 'ldap admin dn = "cn=manager,o=comelis"? Or does : $ ldapsearch -x -h ldap.comelis.fr -D "cn=manager,id=1" -W "(uid=mat)" work for you (with the password you have added to samba with 'smbpasswd -w <password> when prompted)? > ldap server = ldap.comelis.fr > ldap ssl = off > ldap port = 389 > ldap suffix = "id=1" As above, I think this needs to be "o=comelis", unless the following works for you: $ ldapsearch -x -h ldap.comelis.fr -b "id=1" "(uid=mat)" > ldap filter = "(&(uid=%u)(objectclass=sambaAccount))" > unix password sync = Yes > passwd program = /usr/share/samba/scripts/smbldap-passwd.pl %u > passwd chat = *New*password*:* %n\r *Retype*new*password*:* %n\r > *all*authentication*tokens*updated*successfully* We use 'pam password change = yes" and have pam_ldap in the passwd section on /etc/pam.d/samba instead. Buchan -- |--------------Another happy Mandrake Club member--------------| Buchan Milne Mechanical Engineer, Network Manager Cellphone * Work +27 82 472 2231 * +27 21 8828820x121 Stellenbosch Automotive Engineering http://www.cae.co.za GPG Key http://ranger.dnsalias.com/bgmilne.asc 1024D/60D204A7 2919 E232 5610 A038 87B1 72D6 AC92 BA50 60D2 04A7 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba