Re: Samba 3.2 Ldap problem | |
| [Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] | |
Charlie, I didn't copied the secrets.tdb, I've used smbpasswd -w. In my Ldap I have an object named "sambaDomainName=OPEN,dc=my,dc=company" which I didn't create, it's automagically created by samba. That object has it's own sid, I've even deleted the secrets.tdb file and the ldap OPEN object, they are recreated with "smbpasswd -w xxxxx", so I assume everything is automagically right. In addition I've tried the index on sambaSID attribute, I already have an "eq" index on it, and I can't create a "sub" index, I think this is because of the attribute definition. I've updated to samba-3.2.0-21 but I'm still stuck. I'm worried about your comment on users located by sid as all my users already has a sid assigned, is that sid server-dependant? I must assume it isn't, it's only user-dependant, isn't it? Regards, -- Ing. Ernesto Silva. Coordinador de Desarrollo Web y Sistemas Abiertos Centro de Procesamiento de Datos Universidad ORT Uruguay. E-mail: silva@xxxxxxxxxxTel: (+5982) 903-1995, (+5982) 902-9687 ext. 102 Fax: (+5982) 900-2952
Charlie wrote:
On Tue, Jul 1, 2008 at 8:16 PM, Ernesto Silva <silva@xxxxxxxxxx> wrote:A few days ago I've installed OpenSuSE 11 Beta 2 in another server, it came with samba 3.2.0-18, so as I'm very lazy I copied the smb.conf file from the working server to the new one with little modifications like the netbios name and which shares it serves, say Server B. I'm connecting to the same Ldap server.Did you copy over the secrets.tdb as well? If not, you are going to have to use "net setlocalsid" to set the machine SID to match the old one, and "smbpasswd -w" to set the LDAP access password. Samba tracks users by SID now (which I don't like, personally, but it's something that the Samba Team apparently had to do if they wanted to interoperate with later versions of Microsoft's networking stack) so your users will have SIDs that were created by the old system. You also will want to put a "sub" index on the sambaSID attribute in OpenLDAP's slapd.conf file if you haven't already done so. Later versions of samba need it... you get a nice efficiency boost. Um, and watch your search limits in OpenLDAP also -the "machine suffix" and "user suffix" parameters in smb.conf are not applied as filters in the searches that samba makes in LDAP, so search returns might be bigger than you anticipate, and I'm not sure that samba can properly handle an RFC-compliant paged LDAP search result like OpenLDAP might return. I prefer using net setlocalsid and smbpasswd rather than just copying over an old secrets.tdb - but use tdbdump on the old one to see if there is anything else in there (like domain trust passwords) before you decide. --Charlie
-- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Linux] [Info Cyrus] [LARTC] [Christmas Music] [Bugtraq] [Netfilter] [Internet Dating Forums] [RAID] [Yosemite News] [Photography]
|
|