Web lists-archives.com

Re: [Samba] AD LDAP






Le 27/06/2018 à 11:45, Rowland Penny via samba a écrit :
On Wed, 27 Jun 2018 11:31:15 +0200 (CEST)
Michal via samba <samba@xxxxxxxxxxxxxxx> wrote:

   Hi,
 it there  any way how to look into samba ldap in the same way I can
look into OpenLdap via LDAPAdmin, ldap tools etc, when I know
OpenLDAP "root" dn and password? Is there such "root" user for Samba
AD LDAP?
Samba AD uses its own version of ldap and most, if not all, standard
ldap tools will work with it.
The 'root' user for AD is called 'Administrator', but you are not
restricted to this user, you can use any user that is a member of
'Domain Admins', for instance.

  We have a lot of scripts based on "ldapsearch" (without
authentification) and "ldapmodify" (with ldap authentification). It
would be very unpleasant if we can not use the scripts with SambaAD.

They should work, but you may not need all of them, Samba comes with
'samba-tool' and you can use this to maintain user & groups etc.

AD LDAP requires auth for search... so your ldapsearch calls should fail

you can try to set auth info in .ldaprc (see man ldap.conf BINDDN)

Rowland



--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba