Re: [Samba] ldapsam cannot find NT password hash
- Date: Mon, 27 May 2019 08:15:06 +0100
- From: Rowland penny via samba <samba@xxxxxxxxxxxxxxx>
- Subject: Re: [Samba] ldapsam cannot find NT password hash
On 27/05/2019 00:42, David Kowis via samba wrote:
I showed you how I got a PDC to work, forget the PDC bit, I could only
get the LDAP part to work by putting everything into the default domain
(*). I tried the way that works on a Unix domain member, separate
'DOMAIN' and '*' lines, but I could not get this to work. I rapidly came
to the point that setting up a new PDC was a bad idea, but in your case,
you don't really have much choice, because of the ACLs used on freenas.
On 5/26/19 10:14 AM, Rowland penny via samba wrote:
Just curious, since I appear to be running a PDC, is there a way to have
a standalone samba server, and just get the user/password information
from LDAP without doing all the domain stuff? That's actually what I'd
like to do. I don't need a domain controller.
I sort of thought you didn't
remove 'security = user' which will make it 'security = auto'
domain logons = yes
server role = member server
domain logons = no
server role = standalone server
This should get you a standalone server with users in LDAP.
I must point out that I have never tried the above, but it should work.
Sadly, it doesn't seem to, or it's a combination of how I must configure
things in FreeNAS land. `testparm` shows the expected output with a few
exceptions. Fortunately, I'm able to override settings in the smb4.conf
by specifying them again, and last-one-in-wins:
It is showing up as a ROLE_STANDALONE server, but I do see during the
startup of smbd:
I assume that's from the lines, but I don't know.
idmap config nosgoth: ldap_url = ldap://pione.dark.kow.is
idmap config nosgoth: ldap_user_dn =
idmap config nosgoth: ldap_base_dn = ou=idmap,dc=dark,dc=kow,dc=is
idmap config nosgoth: range = 10000-90000000
idmap config nosgoth: backend = ldap
Is there a way to specify things by setting them to empty? I can't
delete the entries, because FreeNAS auto-generates this file on boot
from it's configuration database, but I can append to the end and
include stuff that overrides the existing setup....
To unsubscribe from this list go to the following URL and read the