Oh dear, I apologise for my typo in subject. Obviously it should mean: EDITPOSIX SETUP.
> Hi, > > i've setup the samba environment like described in the wiki: > http://wiki.samba.org/index.php/Ldapsam_Editposix > > I can now easily add windows user / machines when using the policies for > "Administrator". > > I have also setup unix account session auth via libpam_ldap, libnss_ldap > like described here: > > http://www.gentoo.org/doc/en/ldap-howto.xml > > Some things i dont understand: > > 1. How is the unix password set for the windows users? > When i su <winusername> it is not accepting the win password. > I also tried editing the unix password via ldap-account-manager but also > with no luck. > > Is a unix password set in general when creating new accounts? > > With my unixuseraccounts migrated to ldap via migrationsscipt (the ones > used in the gentoo article) it is possible to su <username>. > > 2. How do I make a sambadomain user out of such a migrated unix user? > > 3. When creating accounts the user homes per default points to > /home/domainname/user. How can I change that? > > Thanks for any reply/feedback for my configs > > Gunnar > > my smb.conf: > --- > [global] > #pdc > netbios name = TIGGER > workgroup = th-domain > domain logons = yes > > #path > logon home = \\%N\%U > logon path = \\%N\%U\.winprofile > > #password > encrypt passwords = true > passdb backend = ldapsam > > #ldap > ldap suffix = dc=th-domain,dc=lan > ldapsam:trusted = yes > ldapsam:editposix = yes > ldap admin dn = cn=admin,dc=th-domain,dc=lan > ldap delete dn = yes > ldap group suffix = ou=groups > ldap machine suffix = ou=computers > ldap user suffix = ou=peoples > ldap idmap suffix = ou=idmap > > #idmap > idmap domains = th-domain > idmap config th-domain:backend = ldap > idmap config th-domain:readonly = no > idmap config th-domain:default = yes > idmap config th-domain:ldap_base_dn = ou=idmap,dc=th-domain,dc=lan > idmap config th-domain:ldap_user_dn = cn=admin,dc=th-domain,dc=lan > idmap config th-domain:ldap_url = ldap://localhost > idmap config th-domain:range = 50000-500000 > idmap alloc backend = ldap > idmap alloc config:ldap_base_dn = ou=idmap,dc=th-domain,dc=lan > idmap alloc config:ldap_user_dn = cn=admin,dc=th-domain,dc=lan > idmap alloc config:ldap_url = ldap://localhost > idmap alloc config:range = 50000-500000 > > #logging > log level = 1 > --- > my nsswitch/pam /etc/ldap.conf > --- > ssl off > suffix "dc=th-domain,dc=lan" > uri ldap://localhost > pam_password exop > > rootbinddn "cn=root,dc=th-domain,dc=lan" > > ldap_version 3 > pam_filter objectclass=posixAccount > pam_login_attribute uid > pam_member_attribute memberuid > nss_base_passwd ou=peoples,dc=th-domain,dc=lan > nss_base_shadow ou=peoples,dc=th-domain,dc=lan > nss_base_group ou=groups,dc=th-domain,dc=lan > nss_base_hosts ou=hosts,dc=th-domain,dc=lan > > scope one > ---- > > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
