Hi David, as Paul has stated already you need the OpenLDAP libraries to compile Samba on a Solaris 9 machine with LDAP or ADS support. The LDAP libraries from Sun do not provide all necessary functions.
The problem is that compiling with OpenLDAP libraries comes with a price if you are authenticating Solaris against LDAP using the native Sun LDAP-Client. Samba will not get any information about secondary groups from the LDAP server, while everything is OK whith information from /etc/group. This behaviour is known as bug #395, which is already closed because it is not a real bug, see https://bugzilla.samba.org/show_bug.cgi?id=395 . I would call it a compatibility problem between the LDAP libraries from Sun and OpenLDAP. (Many thanks to the people at the Sun Center in Berlin for helping me here) If you are affected from this problem, there are 3 workarounds known to me. Please note that I haven't tried all. * put all group information in /etc/group (don't like this idea) * use Patch-ID 112960-03 (rev. -04 and -05 should work too) with authentication method "simple". With "tls:simple" the problem seems to exists for all revisions of this patch. * avoid Sun's LDAP completely and shift to OpenLDAP and nss_ldap from Padl, see http://lists.samba.org/archive/samba/2004-February/081509.html cheers, Reinhard -- Reinhard Sojka <[EMAIL PROTECTED]> System- & Networkadmin Parlamentsdirektion +43 1 40110 2824 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
