Terry Haley wrote:
I have a samba server acting as my PDC with an LDAP server used for
authentication. Question #1: the password contained within the LDAP
directory for my 'admin' account should = the 'rootpw' entry in
I would create an extra service account for the Samba server and assign
appropriate ACLs. The rootdn circumvents all ACLs. Therefore in
production no LDAP client should use the rootdn as bind-DN.
Question #2: the 'ldap admin dn' entry in my smb.conf file
the 'rootdn' entry in my slapd.conf file, afterwhich, this should be
updated to samba using smbpasswd -w correct?
Isn't smbpasswd -w just for using this tool non-interactively?
Question #3: the 'admin users' entry within the smb.conf are the users
that allow access to the domain correct?
This is a pure Samba question not related to the LDAP backend. Read
smb.conf(5). IMHO it's pretty clear in this regard.