To do that part you issue a
smbpasswd -w <passwordstring>
on the command line of your Samba box to set the bind password to associate with the LDAP admin DN.
Thanks; I forgot about this step. However, the machine still won't authenticate... there's a really long pause, and eventually it rejects the correct login password. I checked the system logs, but since this goes through PAM, it may be out of Samba's hands....
Have you tried storing your winbind idmap on an OpenLDAP (or other LDAP) server? You could either manually pull the SIDs from the Windows directory and then sync them with UIDs with a script, or you could change the UID stored in the idmap database to match the UID manually as the users connect. I suppose you could store that in your AD server as well, no real reason you couldn't. This wouldn't be reinventing the wheel quite as much and Samba will work out of the box with that idmap data.
Although I'm not a big fan of OpenLDAP, this was suggested. Unfortunately, due to decisions made out of my hands, AD was chosen as the single database to hold all of our login and user information.
-Nik
-- // Nik Reiman || [EMAIL PROTECTED] || http://www.aboleo.net \\
