Steve Zeng: > I tried to let Samba authenticate against LDAP but could not figure out > how to build the LDAP tree for Samba. > > Fedora core 2 > Samba 3.0.10 > OpenLDAP 2.1.29 > > > I used the migration tool bundled with OpenLDAP and successfully > imported passwd, group and hosts from NIS into LDAP. I can authenticate > from any of linux client against LDAP server. My LDAP DIT is as follows: > > dc=mydomain | > `--- ou=People : to store user accounts for Unix and Windows > | > `--- ou=Hosts : to store computer accounts for UNIXX & Windows > | > `--- ou=Groups : to store system groups for Unix and Windows
O.k. But you could find at a later stage (on, for example, a large installation) that you could do better to separate Samba specific stuff into a subtree, f.ex. under an ou smb. You can still have Samba users in your People container. [...] No comment on the specific OpenLDAP stuff, it looks o.k. and you made it work :) > 2) Configure smb.conf with SWAT You might find out later that a CLI editor is a better choice; it gives you the chance of commenting and trying different settings out temporarily. [...] > ldap suffix = dc=mfelc This is your immediate problem. Where on earth did you get this from? Your ldap suffix should normally be that of the suffix used in your slapd.conf DSE (could possibly be a subtree): in this case dc=mydomain. --Tonni -- mail: [EMAIL PROTECTED] http://www.billy.demon.nl -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
