I Just noticed that the smbldap-tools didn't fill in the groups accounts in the linux group file, any idea why this is ?? ----- Original Message ----- From: "Adi Nugraha" <[EMAIL PROTECTED]> To: <samba@lists.samba.org>; "Jim C." <[EMAIL PROTECTED]> Sent: Wednesday, January 12, 2005 3:06 PM Subject: Re: [Samba] Re: LDAP unable to add Idmap
> I used the schema from the samba source, and for the rest of it I just > followed the samba by example chapter 6, anyway here's my smb.conf : > > [global] > unix charset = LOCALE > workgroup = VALHALLA > netbios name = VALKYRIE > interfaces = eth0, lo > passdb backend = ldapsam:ldap://192.168.88.2 > username map = /etc/samba/smbusers > log level = 1 > syslog = 0 > log file = /var/log/samba/%m > max log size = 50 > smb ports = 139 445 > name resolve order = wins bcast hosts > time server = Yes > printcap name = lpstat > show add printer wizard = No > add user script = /var/lib/samba/sbin/smbldap-useradd.pl -a -m '%u' > delete user script = /var/lib/samba/sbin/smbldap-userdel.pl '%u' > add group script = /var/lib/samba/sbin/smbldap-groupadd.pl -p '%g' > delete group script = /var/lib/samba/sbin/smbldap-groupdel.pl '%g' > add user to group script = > /var/lib/samba/sbin/smbldap-groupmod.pl -m '%u' '%g' > delete user from group script = > /var/lib/samba/sbin/smbldap-groupmod.pl -x '%u' '%g' > set primary group script = /var/lib/samba/sbin/smbldap-usermod.pl -g > '%g' '%u' > add machine script = /var/lib/samba/sbin/smbldap-useradd.pl -w '%u' > logon path = > domain logons = Yes > preferred master = Yes > wins support = Yes > ldap admin dn = cn=Manager,dc=test,dc=co,dc=id > ldap group suffix = ou=Groups > ldap idmap suffix = ou=Idmap > ldap machine suffix = ou=People > ldap suffix = dc=test,dc=co,dc=id > ldap user suffix = ou=People > idmap backend = ldap:ldap://192.168.88.2 > idmap uid = 10000-20000 > idmap gid = 10000-20000 > printer admin = Administrator, adi > map acl inherit = Yes > printing = cups > print command = /usr/bin/lp -d '%p' %s; rm %s > lpq command = /usr/bin/lpstat -o '%p' > lprm command = /usr/bin/cancel '%p-%j' > lppause command = lp -i '%p-%j' -H hold > lpresume command = lp -i '%p-%j' -H resume > queuepause command = /usr/bin/disable '%p' > queueresume command = /usr/bin/enable '%p' > > > and here's the slapd.conf > > include /usr/share/openldap/schema/core.schema > include /usr/share/openldap/schema/cosine.schema > include /usr/share/openldap/schema/corba.schema > include /usr/share/openldap/schema/inetorgperson.schema > include /usr/share/openldap/schema/java.schema > include /usr/share/openldap/schema/krb5-kdc.schema > include /usr/share/openldap/schema/kerberosobject.schema > include /usr/share/openldap/schema/misc.schema > include /usr/share/openldap/schema/nis.schema > include /usr/share/openldap/schema/openldap.schema > include /usr/share/openldap/schema/autofs.schema > include /usr/share/openldap/schema/samba.schema > include /usr/share/openldap/schema/kolab.schema > include /etc/openldap/schema/local.schema > > pidfile /var/run/ldap/slapd.pid > argsfile /var/run/ldap/slapd.args > > modulepath /usr/lib/openldap > > TLSCertificateFile /etc/ssl/openldap/ldap.pem > TLSCertificateKeyFile /etc/ssl/openldap/ldap.pem > TLSCACertificateFile /etc/ssl/openldap/ldap.pem > loglevel 256 > > ####################################################################### > # database definitions > ####################################################################### > > database bdb > suffix "dc=test,dc=co,dc=id" > #suffix "o=My Organization Name,c=US" > rootdn "cn=Manager,dc=test,dc=co,dc=id" > #rootdn "cn=Manager,o=My Organization Name,c=US" > > # Cleartext passwords, especially for the rootdn, should > # be avoided. See slappasswd(8) and slapd.conf(5) for details. > # Use of strong authentication encouraged. > rootpw secret > # rootpw {crypt}ijFYNcSNctBYg > > # The database directory MUST exist prior to running slapd AND > # should only be accessable by the slapd/tools. Mode 700 recommended. > directory /var/lib/ldap > > > # Indices to maintain > #index objectClass eq > #index objectClass,uid,uidNumber,gidNumber eq > #index cn,mail,surname,givenname eq,subinitial > index objectClass eq > index cn pres,sub,eq > index sn pres,sub,eq > index uid pres,sub,eq > index displayName pres,sub,eq > index uidNumber eq > index gidNumber eq > index memberUID eq > index sambaSID eq > index sambaPrimaryGroupSID eq > index sambaDomainName eq > index default sub > > > anything wrong with this ??? and this is the output from smbclient : > > Domain=[VALHALLA] OS=[Unix] Server=[Samba 3.0.9] > tree connect failed: NT_STATUS_BAD_NETWORK_NAME > > > > > > ----- Original Message ----- > From: "Jim C." <[EMAIL PROTECTED]> > To: <samba@lists.samba.org> > Sent: Wednesday, January 12, 2005 1:18 PM > Subject: [Samba] Re: LDAP unable to add Idmap > > > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: SHA1 > > > > I think either you are getting your objectClasses messed up somehow or > > you have a messed up schema somewhere. Post the information you are > > trying to add. > > > > Actually, I don't understand why this must be done at all. For me at > > least, Samba usually does idmaps automagically if it's settings are > > correct in smb.conf. > > > > |>I'm trying to setup a Samba with ldap backend, I followed tha samba by > > |>example chapter 6, followed the instcution in the book, and when it says > > > > Jim C. > > - -- > > - ----------------------------------------------------------------- > > | I can be reached on the following Instant Messenger services: | > > |---------------------------------------------------------------| > > | MSN: j_c_llings @ hotmail.com AIM: WyteLi0n ICQ: 123291844 | > > |---------------------------------------------------------------| > > | Y!: j_c_llings Jabber: jcllings @ njs.netlab.cz | > > - ----------------------------------------------------------------- > > -----BEGIN PGP SIGNATURE----- > > Version: GnuPG v1.2.5 (MingW32) > > Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org > > > > iD8DBQFB5MEk57L0B7uXm9oRAum5AKCFT0wW97WB3woi1KZstoO5luYu+gCfcCSW > > 6N/chSp7aSA2wGboCyEq4/A= > > =zeI7 > > -----END PGP SIGNATURE----- > > > > -- > > To unsubscribe from this list go to the following URL and read the > > instructions: https://lists.samba.org/mailman/listinfo/samba > > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/listinfo/samba > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba