Thanks for the quick response... but I've already been there. As I said, I'm NOT looking for an LDAP PDC... I'm ONLY looking for LDAP idmap. There is no documentation on idealx.org for an LDAP idmap that does NOT include the PDC... nor is there much documentation anywhere else about it.
____________________________ Shannon Johnson Network Support Specialist / Systems Administrator Dept. of Mechanical and Nuclear Engineering 224 Reber Building University Park, PA 16802 Phone: (814) 865-8267 ____________________________ > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] > Sent: Friday, August 06, 2004 3:59 AM > To: Shannon Johnson; [EMAIL PROTECTED] > Subject: Re: [Samba] LDAP Idmap > > "Shannon Johnson" <[EMAIL PROTECTED]> > Sent by: > [EMAIL PROTECTED] > 05.08.2004 22:59 > > > To: <[EMAIL PROTECTED]> > cc: > Subject: [Samba] LDAP Idmap > > Hi shannon, > > a good start you'll find at www.idealx.org. There is a very good docu on > how to setup samba3-LDAP. > If you then running into problems. > ask the list. > > Chris > > > > I'm having quite a bit of trouble getting an LDAP directory set up for > the idmap backend for winbind. I've been working on it for quite a > while, and haven't found any very helpful websites or anything. I've > found quite a bit on how to set up a PDC using LDAP, which would be > nice, but I already have the PDC... I just need LDAP to host UID's and > GID's. The things I'd like to know are: > > 1. What should the rootdn, suffix, and indexes be in the > slapd.conf? I think that the rootdn needs to match what I put in the > smb.conf for the "ldap admin dn", and I'm fairly sure the suffix needs > to match the "ldap suffix" from the smb.conf... I don't have any idea > about the indexes. > 2. What needs to be in the ldif file to create the directory > properly? I've tried several that I've found online, both from the Samba > 3 By Example book, and lots of forum / mailing list posts. I'm not sure > if what I've tried has been correct, but it hasn't worked yet, and this > is one part I'm not sure about. > 3. I think that once I get the first 2 things worked out, I > just > set about 6 things in my smb.conf (ldap suffix, ldap admin dn, idmap > backend (which should point to ldap:ldap://127.0.0.1, if the server is > running on the same machine, right?), ldap idmap suffix, idmap uid, and > idmap gid), enter my password from the "smbpasswd -w" command, and once > I restart winbind, it should automatically start filling up the > directory, right? > 4. Once I get the server going and filled up with UID's and > GID's, > for the clients, am I correct in saying that I alter the smb.conf to > include the ldap suffix, ldap admin dn, idmap backend, ldap idmap > suffix, idmap uid, and idmap gid, then again enter my password via > smbpasswd -w, change /etc/nsswitch.conf to be "passwd files ldap" > instead of "passwd files winbind", and it should work? > > This isn't documented very well anywhere, so I'd appreciate any hints or > suggestions anybody might have... > > Shannon > > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba > > -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
