Hi Christian,
* Christian Manal <moenoel@informatik.uni-bremen.de> [16.02.2010 16:41]:
> > ok. I read it ;-) The Samba Server is a Sles11 with openldap2-2.4.12 and
> > Samba-3.4.5. The Samba Server is not the LDAP Master. This is another Server
> > with a self compiled openldap-2.4.20. The Samba Server runs with the Sles11
> > shipped openLDAP version. There it doesn't exits a smbk5pwd overlay.
> >
> > I think that I must compile and configure the overlay only on the Samba Server.
> > Is this correct? Ups and also on the BDC's?
> >
>
> The overlay has to be installed on the LDAP master. Wouldn't make sense
> otherwise, since slaves are usually read-only.
the overlay smbk5pwd does not really work in this szenario. I have compiled
heimdal on Sles11 and compiled the smbk5pwd with make and make install.
<snip Makefile>
DEFS=-DDO_SAMBA
HEIMDAL_INC=-I/usr/heimdal/include
#HEIMDAL_INC=
SSL_INC=
LDAP_INC=-I../../../include -I../../../servers/slapd
INCS=$(LDAP_INC) $(HEIMDAL_INC) $(SSL_INC)
HEIMDAL_LIB=-L/usr/heimdal/lib -lkrb5 -lkadm5srv
#HEIMDAL_LIB=
SSL_LIB=-lcrypto
LDAP_LIB=-lldap_r -llber
LIBS=$(LDAP_LIB) $(HEIMDAL_LIB) $(SSL_LIB)
</snip>
Then I add 'moduleload smbk5pwd.la' and in the hdb section 'overlay smbk5pwd'.
After this I create the online configuration with 'slaptest -d1 -f ...'. All
looks fine. slapd starts without a error message. I change the smb.conf 'ldap
passwd sync = yes' to 'ldap passwd sync = Only'.
With the overlay smbk5pwd nothing happens when I change a password over a
Windows Client. Without the overlay I can see the PASSMOD for the user.
Any idea?
Regards
Ralf Zimmermann
--
.''`. Ralf Zimmermann
: :' : SIEGNETZ.IT GmbH
`. `' Schneppenkauten 1a
`- 57076 Siegen
Tel.: +49 271 68193 13
Fax.: +49 271 68193 29
Amtsgericht Siegen HRB4838
Geschaeftsfuehrer: Oliver Seitz
Sitz der Gesellschaft ist Siegen
Attachment:
signature.asc
Description: Digital signature