Re: Samba auth on replicated LDAP: no admin user
On 06-12-15 at 18:45, Quanah Gibson-Mount wrote:
> --On Sunday, December 06, 2015 2:19 PM +0100 Paul van der Vlis
> <paul@vandervlis.nl> wrote:
>
>> Hello,
>>
>> I have a replicated LDAP and a few Windows PCs that want to
>> authenticate using Samba. Normally I use "smbpasswd -w" to give the ldap
>> admin dn, but because it's replicated there is no ldap admin!
>>
>> Is there a way to authenticate using a replicated LDAP?
>
> I've no clue what you mean here. If the data is replicated, then the
> same data that is on the master is on the replica, and one can
> authenticate to the replica just like they would to the master.

You would say, but that's not the case. On the replica I don't have an
"admin" user. When I do:

ldapsearch -x -b "cn=admin,dc=domain,dc=nl" -H ldapi:///

On the replica I get: "no such object".
On the master I get: "0 Success".

The replicated LDAP works fine with Linux.

I don't care whether the LDAP admin user is replicated or the replicated server
has its own admin user. But I need an admin user with a password.

These are the settings on the replica:
provider=ldaps://ldap.domain.nl
searchbase=dc=domain,dc=nl
type=refreshAndPersist
schemachecking=on
interval=00:01:00:00
bindmethod=simple
tls_reqcert=never
tls_cacert=/etc/ssl/certs/CAself-cert.pem
retry="60 +"
binddn="dc=domain,dc=nl"
credentials=xxxxx
> I'm guessing what you mean is that portions of Samba unique to samba
> that have nothing to do with LDAP are not present, and thus samba
> related tools don't work. I'd suggest discussing with the Samba folks
> on how to properly replicate Samba environments.
Samba is using the LDAP admin user. This user does not work on the
replica. So first I want to have that correct and I expect it will work
then.
With regards,
Paul van der Vlis.
--
Paul van der Vlis Linux systeembeheer Groningen
https://www.vandervlis.nl/