Do you actually specify your ldap suffix anyplace? It could be trying
to guess at the suffix using LDAP entries you do have.
Scott Wunsch wrote:
I'm trying to get Samba set up to read all account information from my
existing LDAP directory. I have nss_ldap set up and working correctly.
I'm using Mandrake 10.0, and the problem occurs both with their Samba
3.0.2a packages and the Samba 3.0.4 RPMs from samba.org.
When Samba queries the LDAP server, it seems to be using the admin DN as
the *search base*, rather than using the suffix configured in smb.conf.
The appropriate bit of my smb.conf (with the organization name
removed, obviously) looks like this:
passdb backend = ldapsam:ldap://ldap.fakeorgname.dom
ldap admin dn = cn=Manager,o=Organization Name
ldap delete dn = no
ldap filter = (&(uid=%u)(objectclass=sambaSamAccount))
ldap group suffix = cat=Groups
ldap machine suffix = cat=Computers
ldap passwd sync = yes
ldap ssl = off
ldap suffix = o=Organization Name
ldap user suffix = cat=Staff
When I sniff the LDAP queries or look at log.smbd, I see that the base DN
being used for the queries is "cn=Manager,o=Organization Name" or even
"cat=Groups,cn=Manager,o=Organization Name". This makes no sense at all
to me. I even browsed through the code, and I can't see any way that
these two configuration items could possibly get mixed up.
Can anybody suggest any way that this could occur, or anything that I
should check to resolve this?
--
Paul Gienger Office: 701-281-1884
Applied Engineering Inc. Cell: 701-306-6254
Information Systems Consultant Fax: 701-281-1322
URL: www.ae-solutions.com mailto:[EMAIL PROTECTED]
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
