Hi all, I've configured my samba server to work with my ldap backend, the configuration of ldap is correct and in fact my users can interactively login. The problem is with samba, that is always returning a NT_STATUS_LOGON_FAILURE when a user tries to access a share. I'm in doubt if I have to add ldap accounts through the ldap-tools of samba or not, at the moment I did not add any account to samba (thinking it should read them from the ldap server directly). In the logs I'm not able to find anything useful, does anyone have any clue?
The following is an excerpt of my configuration file: [global] netbios name = SEDELDAP workgroup = LDAP security = user passdb backend = ldapsam:ldap://localhost/ obey pam restrictions = no ldap admin dn = cn=admin,dc=myDomain,dc=com ldap suffix = dc=myDomain, dc=com ldap group suffix = ou=Groups ldap user suffix = ou=People ldap machine suffix = ou=Computers ldap idmap suffix = ou=Users ldap passwd sync = Yes passwd program = /usr/sbin/smbldap-passwd %u passwd chat = *New*password* %n\n *Retype*new*password* %n\n *all*authentication*tokens*updated* add user script = /usr/sbin/smbldap-useradd -m "%u" ldap delete dn = Yes delete user script = /usr/sbin/smbldap-userdel "%u" add machine script = /usr/sbin/smbldap-useradd -w "%u" add group script = /usr/sbin/smbldap-groupadd -p "%g" delete group script = /usr/sbin/smbldap-groupdel "%g" add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g" delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g" set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u" domain logons = yes [coge] browsable = no available = no guest ok = no valid users = luca writable = yes printable = no Any idea about that? Thanks, Luca -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba