Hi Folks, A couple of questions about making SMB (3 or 4) authenticate to an external (anonymous) LDAP server:
1) A typical LDAP user record is below. Is there anything lacking in this record that would prevent Samba from authenticating against our LDAP server? Note the sambaSID is as is, gobblygook info: dsAttrTypeNative:eduPersonAffiliation: Employee Member dsAttrTypeNative:givenName: David dsAttrTypeNative:homeDirectory: /afs/cats.csux.edu/users/t/dsixpack dsAttrTypeNative:mail: dsixp...@csux.edu dsAttrTypeNative:objectClass: posixAccount organizationalPerson csuxPerson top sambaSamAccount person inetOrgPerson csuxMain eduPerson dsAttrTypeNative:sambaSID: S-1-5-21-XXXXXXXXXX-XXXXXXXXXX-XXXXXXXXXX dsAttrTypeNative:sn: Sixpack dsAttrTypeNative:csuxPersonGuID: G000242316 AppleMetaNodeLocation: /LDAPv3/ldap-99.soe.csux.edu AppleMetaRecordName: uid=dsixpack,ou=People,dc=crm,dc=csux,dc=edu NFSHomeDirectory: /Users/dsixpack Password: ******** PrimaryGroupID: 100002 RealName: David Sixpack RecordName: dsixpack RecordType: dsRecTypeStandard:Users UniqueID: 9239 UserShell: /bin/bash 2) Regarding the "sudo smbpasswd -w secret" step, does this smb user need to exist in our LDAP or that local to the machine running the SMB daemon? I wasn't clear on how this step in the process is supposed to work. 3) Is the "ldap admin dn =" also required? Note we have read-only access to our LDAP server, though a record could be created for us if absolutely needed. Any help or ideas MUCH appreciated! Thanks! David -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba