On Wed, 06.10.2004 Igor Belyi wrote: > Thorsten Scherf wrote: > > hi, > > > > I set up a winbindd with a ldap backend, here is the relevant part of my > > smb.conf: > > > > idmap backend = ldap:ldap://mail.rhel.homelinux.com > > ldap admin dn = cn=winbind,dc=example,dc=com > > ldap suffix = dc=example,dc=com > > ldap idmap suffix = ou=idmap > > > > On the ldap server I set up the ou=idmap and also permissions for > > cn=winbind to write into the ou=idmap: > > > > access to dn="(.),ou=idmap,dc=example,dc=com" > > by dn="cn=winbind,dc=example,dc=com" > > by * read > > Did you try to change your 'what' part of the access to: > > dn.subtree="ou=idmap,dc=example,dc=com"
this works fine. but what is the difference to "dn=(.*),ou=idmap,dc=example,dc=com"? with my understanding of the ldap-access rules it should just be a performance issue, souldn't it?! cu, thorsten -- Thorsten Scherf <[EMAIL PROTECTED]>
signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil
-- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
