Thanks so much. Now I'm a little closer to understanding. Basically, Samba likes to have a Unix logon so it has some file control that it wouldn't usually have. I now know that OpenLDAP is set up correctly; I just have to figure out how Samba is supposed to be working.
On Mon, 2009-05-25 at 16:01 +0200, Buchan Milne wrote:
On Friday 22 May 2009 22:21:05 Matt Burkhardt wrote:
> Hope this is the right list -
> Anyway, I've got OpenLDAP 2.4.9 on Ubuntu 8.04 along with Samba 3.028.
> I've got it all installed and used the slapd.d (cn=config) capabilities.
> I get no errors on start up or stop, can create, modify and delete users
> and groups.
> However, I cannot create a user in OpenLDAP that is usable with Samba.
> If I go back in and create a Unix user, it will work.
This is more of a Samba question ...
Samba requires a Unix user to exist for a Samba user (except in one case).
Where that Unix user is defined (in local files, or in LDAP) is irrelevant.
Typically, you set the environment up so that creating a "user" creates an
entry in LDAP with at least the posixAccount and sambaSamAccount
objectclasses, and configure the LDAP clients (samba, nss_ldap) appropriately.
> I've installed
> libnss-lapd and configured it - but is this the way it's supposed to
Yes. 'getent passwd sambauser' (where 'sambauser' is the username of a Samba
user) should work, for Samba to allow access for the user 'sambauser'. So, you
should fix your nss_ldap configuration.
If you *really* don't want to have Unix users for Samba users, the
ldapsam:trusted option can avoid this. However, local file ownership resolution