Hi, for this i wrote a howto, its on the samba list. it covers verything you need.
here's a link http://www.nabble.com/BIG-Samba-howto-for-debian-only.-p1813392.html Louis >-----Oorspronkelijk bericht----- >Van: [EMAIL PROTECTED] >[mailto:[EMAIL PROTECTED] >Namens Michael Fernández M. >Verzonden: woensdag 8 februari 2006 21:16 >Aan: Samba List >Onderwerp: [Samba] PDC. Samba > >Hi, i´ve installed Samba Version: 3.0.14a-3sarge1 on Debian Sarge.- > >Samba works great like a pdc with system users.... but i want to >connect with ldap.. but it does not work.- > >my ldap suffix is like this: > >ou=samba,o=sernam >ou=Users,ou=samba,o=organization >ou=Groups,ou=samba,o=organization >ou=Computers,ou=samba,o=organization >ou=Idmap,ou=samba,o=organization >sambaDomainName=debian,ou=samba,o=organization >uid=Administrator,ou=Users,ou=samba,o=organization >uid=nobody,ou=Users,ou=samba,o=organization >cn=Domain Admins,ou=Groups,ou=samba,o=organization >cn=Domain Users,ou=Groups,ou=samba,o=organization >cn=Domain Guests,ou=Groups,ou=samba,o=organization >cn=Domain Computers,ou=Groups,ou=samba,o=organization >cn=Administrators,ou=Groups,ou=samba,o=organization >cn=Print Operators,ou=Groups,ou=samba,o=organization >cn=Backup Operators,ou=Groups,ou=samba,o=organization >cn=Replicators,ou=Groups,ou=samba,o=organization > >this was created by smbldap-polulate (from smbldap-tools) > >if i create a user i cannot conect to the domain, this happend with >win9x and 200x > >mi smb.con is: > >[global] > workgroup = debian > netbios name = debian > server string = %h server (Samba %v) > domain master = yes > local master = yes > preferred master = yes > hosts allow = 127.0.0.1 10.0.20.0/255.255.255.0 > domain logons = yes > logon path = \\%L\Profiles\%U > logon script = prueba.bat > logon home = \\%L\%U\profile > dns proxy = no > ldap admin dn = cn=admin,o=sernam > ldap suffix = ou=samba,o=sernam > ldap group suffix = ou=Groups > ldap user suffix = ou=Users > security = user > encrypt passwords = yes > passdb backend = ldapsam:ldap://127.0.0.1 > add user script = /usr/sbin/smbldap-useradd -a 'u%' > delete user script = /usr/sbin/smbldap-userdel 'u%' > add group script = /usr/sbin/smbldap-groupadd -p 'g%' > delete group script = /usr/sbin/smbldap-groupdel 'g%' > add user to group script = /usr/sbin/smbldap-groupmod -m '%u' 'g%' > delete user from group script = /usr/sbin/smbldap-groupmod -x '%u' >'g%' > set primary group script = /usr/sbin/smbldap-groupmod -g '%g' '%u' > add machine script = /usr/sbin/smbldap-useradd -w '%u' > idmap backend = ldap:ldap://localhost > ldap machine suffix = ou=Computers > idmap uid = 10000-20000 > idmap gid = 10000-20000 > log file = /var/log/samba/log.%m > max log size = 1000 > syslog = 0 > panic action = /usr/share/samba/panic-action %d > security = user > encrypt passwords = true > passdb backend = tdbsam guest > obey pam restrictions = yes > passwd program = /usr/bin/passwd %u > > >What i am doing wrong?.- > >Can i connect Ldap to Samba without PAM? > >Thanks in advance! > >Michael.- > > > > > > > > > >-- >To unsubscribe from this list go to the following URL and read the >instructions: https://lists.samba.org/mailman/listinfo/samba > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
