Web lists-archives.com

Re: [Samba] Samba with OpenLDAP (not a DC)




On Fri, 9 Nov 2018 12:34:16 -0600
dee heffem <dheffem@xxxxxxxxx> wrote:

> 
> 
> On 11/9/18 11:31 AM, Rowland Penny via samba wrote:
> <snip>
> > 
> > Did you run smbpasswd -w <ldap-password> ?
> 
> That part appeared to be under the the "optional"
> section so I did not. I will add that along with the
> samba schema as you mention.

Both are not optional, Samba will not work without them.

> 
> With write access to the Directory, what attributes does samba
> update?  I'm concerned that our SASL passthrough attributes
> may throw a wrench in the works.  If samba tries to update that
> attribute with a password from the Linux end (password sync?)
> we might have troubles elsewhere with logins.

It will update whatever you ask it to. You do realise that a Samba DC
doesn't need to sync passwords with anything else, it where you
authenticate from.

There have been numerous reports of problems with NT4-style domains and
windows 10 i.e. they just don't work any more, so I would seriously
think hard before setting up a new LDAP based Samba server.
 
Rowland

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba