Hi Christian,
* Christian Manal moenoel@informatik.uni-bremen.de [16.02.2010 16:41]:
ok. I read it ;-) The Samba Server is a Sles11 with openldap2-2.4.12 and Samba-3.4.5. The Samba Server is not the LDAP Master. This is another Server with a self compiled openldap-2.4.20. The Samba Server runs with the Sles11 shipped openLDAP version. There is no smbk5pwd overlay there.
I think that I must compile and configure the overlay only on the Samba Server. Is this correct? Oops, and also on the BDCs?
The overlay has to be installed on the LDAP master. Wouldn't make sense otherwise, since slaves are usually read-only.
The overlay smbk5pwd does not really work in this scenario. I have compiled heimdal on Sles11 and compiled the smbk5pwd with make and make install.
<snip Makefile>
DEFS=-DDO_SAMBA

HEIMDAL_INC=-I/usr/heimdal/include
#HEIMDAL_INC=
SSL_INC=
LDAP_INC=-I../../../include -I../../../servers/slapd
INCS=$(LDAP_INC) $(HEIMDAL_INC) $(SSL_INC)

HEIMDAL_LIB=-L/usr/heimdal/lib -lkrb5 -lkadm5srv
#HEIMDAL_LIB=
SSL_LIB=-lcrypto
LDAP_LIB=-lldap_r -llber
LIBS=$(LDAP_LIB) $(HEIMDAL_LIB) $(SSL_LIB)
</snip>
Then I add 'moduleload smbk5pwd.la' and in the hdb section 'overlay smbk5pwd'. After this I create the online configuration with 'slaptest -d1 -f ...'. All looks fine. slapd starts without an error message. I change the smb.conf 'ldap passwd sync = yes' to 'ldap passwd sync = Only'.
With the overlay smbk5pwd nothing happens when I change a password over a Windows Client. Without the overlay I can see the PASSMOD for the user.
Any idea?
Regards
Ralf Zimmermann
--
 .''`.   Ralf Zimmermann
: :' :   SIEGNETZ.IT GmbH
`. `'    Schneppenkauten 1a
  `-     57076 Siegen
Tel.: +49 271 68193 13
Fax.: +49 271 68193 29
Amtsgericht Siegen HRB4838
Geschaeftsfuehrer: Oliver Seitz
Sitz der Gesellschaft ist Siegen