Re: [Samba] LDAP IDMAP not working

Mon, 10 Nov 2003 14:45:02 -0800 

On Tue, 2003-11-11 at 00:08, ww m-pubsyssamba wrote:
> Hi all,
> 
>       anyone able to point out why I'm not able to get samba 3.0.0 to update my LDAP 
> server with any idmap data? I'm using SunOne DS 5.2 LDAP server and the following 
> entries in my smb.conf file,
> 
>       ldap admin dn = 
> "uid=admin,ou=Administrators,ou=TopologyManagement,o=NetscapeRoot"
>       ldap ssl = off
> ;     ldap suffix = "dc=testlan,dc=bbc,dc=co,dc=uk"   ** have tried with this 
> attribute on and off **
>              winbind separator = +
>              winbind cache time = 10
>              template shell = /bin/sh
>             ; template homedir = /home/%D/%U
>            idmap backend = ldap:ldap://bbcwwp-sun24.testlan.bbc.co.uk:389
>            ldap idmap suffix = ou=idmap,dc=testlan,dc=bbc,dc=co,dc=uk
>            ldap group suffix = ou=idmap,dc=testlan,dc=bbc,dc=co,dc=uk
>            ldap user suffix = ou=idmap,dc=testlan,dc=bbc,dc=co,dc=uk
>            ldap machine suffix = ou=idmap,dc=testlan,dc=bbc,dc=co,dc=uk
>              idmap uid = 10000-20000
>              idmap gid = 10000-20000
>       winbind enum users = yes
>       winbind enum groups = yes
> 
> I've successfully updated the schema with the samba bits and have tested the admin 
> account specified in the smb.conf using ldapsearch. I've created both a root and 
> admin account using smbpasswd with the correct password for the admin account (I 
> wasn't clear which account should be used from the samba documentation). But my 
> idmap OU is empty, and to be honest I can't even see any attempts to access the LDAP 
> server from its access logs (excepting when testing using ldapsearch). Any help 
> would be appreciated,

Is that the whole smb.conf?  When Samba is a DC, or a standalone server,
it doesn't use IDMAP for local accounts.  (Something that changed over
the course of the idmap design and implementation)

Andrew Bartlett

-- 
Andrew Bartlett                                 [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team  [EMAIL PROTECTED]
Student Network Administrator, Hawker College   [EMAIL PROTECTED]
http://samba.org     http://build.samba.org     http://hawkerc.net

Attachment: signature.asc
Description: This is a digitally signed message part

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Reply via email to