This is a discussion on Re: [Samba] Windows->LDAP->Samba within the Samba forums, part of the Networking and Network Related category.
On Tue, 2005-11-15 at 14:30 -0800, Mont Rothstein wrote:
> Sorry for being so vague, I was trying not to be :-)
>
> I actually dived in days ago and I am swimming in docs, books, manuals,
> and webpages.
>
> Part of my challenge is that I'm not ever sure of what questions to
> ask.
>
> Jeff's reply has helped (thanks Jeff). Looking up ldap authentication
> has brought me to pages I hadn't seen yet. I'm not sure which ones I
> want yet, but it is a start.
>
> I wish I had specific technical questions to ask, I really do.
>
> I have an LDAP server up and running as well as Samba. The two may or
> may not be integrated correctly together.
>
> I believe my next step is to get a windows machine to authenticate to
> the Linux server via LDAP, without having to create a Unix account for
> the user.
>
> The step after that will be to see if ACLs work.
>
> If/when I get those two then I think I'll have what I need.
>
> If you know any good pages on authenticating a windows client to a non-
> PDC Linux Directory Server, I would love to see them.
>
> Thank you for taking the time to ponder my troubles.
>
----
1 - an LDAP user (more accurately I think, a DN) would have both the objectclasses and attributes relevant for all of the required resources so your concept of not having to create a Linux account is absurd. If you don't want the users to have home directories or profiles, there are ways around that.

# ldapsearch -x -h localhost -D 'uid=craig,ou=People,dc=azapple,dc=com' -W '(uid=craig)'
Enter LDAP Password:
# extended LDIF
#
# LDAPv3
# base <> with scope sub
# filter: (uid=craig)
# requesting: ALL
#

# craig, People, azapple.com
dn: uid=craig,ou=People,dc=azapple,dc=com
shadowLastChange: 12340
sambaLMPassword: NOT-RELEVANT
sambaNTPassword: NOT-RELEVANT
sn: White
givenName: Craig
sambaPwdCanChange: 1091395680
sambaPwdMustChange: 2147483647
sambaPwdLastSet: 1091395680
labeledURI: http://linuxserver/horde/kronolith/fb.php?c=craig
shadowMax: 99999
sambaProfilePath: \\srv1\profiles\craig
sambaLogonScript: logon.bat
cn: Craig White
uidNumber: 500
shadowWarning: 7
sambaPrimaryGroupSID: S-1-5-21-1123456789-0123456789-0123456790-513
sambaAcctFlags: [U ]
gecos: Craig White
userPassword:: NOT-RELEVANT
mail: craigwhite@azapple.com
uid: craig
sambaHomePath: \\srv1\homes\craig
homeDirectory: /home/craig
objectClass: posixAccount
objectClass: shadowAccount
objectClass: person
objectClass: inetOrgPerson
objectClass: sambaSamAccount
objectClass: top
objectClass: calEntry
gidNumber: 500
sambaDomainName: AZAPPLE
sambaSID: S-1-5-21-1123456789-0123456789-0123456790-1000
sambaHomeDrive: h:
calFBURL: http://srv1/horde/kronolith/fb.php?c=craig
loginShell: /bin/bash

keep working

Craig

PS - a plug for Gerry's book... LDAP System Administration by Gerald Carter - getting a little old now, but still a great book for getting your feet off the ground with ldap
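
Added example, not part of the original post: a small Python audit of one entry as printed by ldapsearch, reporting which MUST attributes of posixAccount and sambaSamAccount are absent and which password-bearing attributes the bind identity was able to read. The function names and the sample entry are constructed for illustration; the MUST lists are assumed to match nis.schema and the Samba 3 samba.schema.

```python
import base64

# MUST attributes per object class (nis.schema; Samba 3 samba.schema).
REQUIRED = {
    "posixaccount": {"cn", "uid", "uidnumber", "gidnumber", "homedirectory"},
    "sambasamaccount": {"uid", "sambasid"},
}
# Attributes holding password material; LDAP ACLs should restrict them.
SECRETS = {"userpassword", "sambantpassword", "sambalmpassword"}

def parse_entry(ldif):
    """Parse one LDIF entry into {lowercased attribute: [values]}."""
    lines = []
    for raw in ldif.splitlines():
        if raw.startswith(" ") and lines:   # folded continuation line
            lines[-1] += raw[1:]
        elif raw.strip():
            lines.append(raw)
    entry = {}
    for line in (ln for ln in lines if not ln.startswith("#")):  # drop comments
        name, _, rest = line.partition(":")
        if rest.startswith(":"):            # "attr:: value" is base64
            value = base64.b64decode(rest[1:].strip()).decode("utf-8", "replace")
        else:
            value = rest.strip()
        entry.setdefault(name.strip().lower(), []).append(value)
    return entry

def audit(entry):
    """Return (missing per class, secrets returned); 'objectclass' = class absent."""
    classes = {c.lower() for c in entry.get("objectclass", [])}
    missing = {}
    for cls, needed in REQUIRED.items():
        gone = sorted(needed - set(entry)) if cls in classes else ["objectclass"]
        if gone:
            missing[cls] = gone
    return missing, sorted(SECRETS & set(entry))

# Constructed sample: a Samba-only entry with no posixAccount class.
SAMPLE = """\
dn: uid=test,ou=People,dc=example,dc=com
objectClass: sambaSamAccount
uid: test
sambaSID: S-1-5-21-1-2-3-3000
userPassword:: e0NSWVBUfXg=
"""

if __name__ == "__main__":
    print(audit(parse_entry(SAMPLE)))
```

A non-empty second element means the DN used for the search could read password hashes, which is expected only for the entry's owner or an administrative bind.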