Why don't you just *create* a dedicated samba DN in LDAP which Samba can use? This is a much more secure setup than granting read or even write access to passwords to unauthenticated external connections.
The official smbldap-tools HOWTO even suggests how to do this: 1) Create an LDAP entry which might look like this: dn : cn=samba , ou=DSA, dc=IDEALX, dc=ORG objectclass : organizationalRole objectClass : top objectClass : simpleSecurityObject userPassword : sambasecretpwd cn : samba 2) Set the password: ldappasswd -x -h localhost -D "cn=Manager,dc=IDEALX,dc=ORG" -s sambasecretpwd \ -W cn=samba,ou=DSA,dc=IDEALX,dc=ORG 3) Set you ldap admin dn in smb.conf 4) Set the samba password with smbpasswd Done. (See the HOWTO for details: http://www.iallanis.info/smbldap-tools/docs/samba-ldap-howto/ ) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
