On Oct 19, 2011, at 8:16 AM, Al wrote:

> This isn't what I was talking about ... Let me be a little more specific ... 
> I've got an openldap system configured, just need to set up Samba to use 
> openldap to allow them to access their shells via Windows Explorer.  They 
> usually login via SSH, but want to have the ability to copy things over to 
> the Windows without using SFTP.
----
I can't see how that actually matters, because you want them to gain access to 
the samba server using their accounts, and samba requires both a POSIX & a SAMBA 
user, and the logical place for a SAMBA user is to have their SAMBA attributes 
in the same LDAP record.

At that point, they could easily mount a SAMBA share on their Windows box using 
the same account (though Windows passwords use a Windows compatible hashed 
password). Basically, the user account in LDAP has both POSIX & SAMBA 
attributes including userPassword (POSIX) and sambaNTPassword (SAMBA) and group 
memberships that may be one or both (though I tend to create groups that are 
both).

The easiest way to demonstrate is to use my own setup...

# ldapsearch -x '(uid=craig)' -D uid=craig,ou=people,dc=azapple,dc=com -W
Enter LDAP Password: 
# extended LDIF
#
# LDAPv3
# base <dc=azapple,dc=com> (default) with scope subtree
# filter: (uid=craig)
# requesting: ALL
#

# craig, people, azapple.com
dn: uid=craig,ou=people,dc=azapple,dc=com
sambaPwdMustChange: 2147483647
labeledURI: http://linuxserver/horde/kronolith/fb.php?c=craig
sambaSID: S-1-5-21-1423820788-2381578139-XXXXXXXXXX-1000
calFBURL: http://srv2.azapple.com/horde/kronolith/fb.php?c=craig
sambaPasswordHistory: 00000000000000000000000000000000000000000000000000000000
 00000000
displayName: Craig White
sambaMungedDial: 1
shadowMax: 99999
sambaLogonScript: logon.bat
sambaProfilePath: \\SRV2\profiles\craig
cn: Craig White
uidNumber: 1000
shadowWarning: 7
sambaPrimaryGroupSID: 1423820788-2381578139-XXXXXXXXXX-513
sambaAcctFlags: [U          ]
gecos: Craig White
shadowLastChange: 15199
sambaPwdLastSet: 1313206319
mail: cr...@azapple.com
userPassword:: REMOVED...
sambaLMPassword: REMOVED
uid: craig
sambaPwdCanChange: 1313206319
sambaHomePath: \\SRV2\homes\craig
homeDirectory: /home/craig
description: Craig is a local user
objectClass: posixAccount
objectClass: shadowAccount
objectClass: person
objectClass: inetOrgPerson
objectClass: sambaSamAccount
objectClass: top
objectClass: calEntry
gidNumber: 100
sambaDomainName: AZAPPLE
givenName: Craig
sambaHomeDrive: h:
sambaNTPassword: REMOVED
sn: White
loginShell: /bin/bash

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
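
An added example, not part of the original message or of Craig's setup: a Python check that an LDIF entry, as printed by ldapsearch, carries both the POSIX and the Samba side of the account described in the message. The function names and sample entries are constructed for illustration; the required lists are the posixAccount MUST attributes from RFC 2307 and the sambaSamAccount MUST attributes (uid, sambaSID), plus sambaNTPassword because the message names it as the Samba password attribute.

```python
import base64

# Assumed policy: schema MUST attributes per object class, plus sambaNTPassword
# (named in the message as the Samba-side password attribute).
REQUIRED = {
    "posixAccount": ["cn", "uid", "uidNumber", "gidNumber", "homeDirectory"],
    "sambaSamAccount": ["uid", "sambaSID", "sambaNTPassword"],
}

# Constructed sample entries (not real accounts, placeholder hash values).
BOTH = """\
dn: uid=alice,ou=people,dc=example,dc=com
objectClass: posixAccount
objectClass: sambaSamAccount
cn: Alice Example
uid: alice
uidNumber: 1001
gidNumber: 100
homeDirectory: /home/alice
sambaSID: S-1-5-21-1111111111-2222222222-
 3333333333-1001
sambaNTPassword: 00000000000000000000000000000000
userPassword:: Zm9v
"""
POSIX_ONLY = BOTH.replace("objectClass: sambaSamAccount\n", "")

def parse_ldif_entry(text):
    """Parse one LDIF entry into {lowercased attribute: [values]}."""
    entry = {}
    for line in text.replace("\n ", "").splitlines():  # unfold continuation lines
        attr, sep, value = line.partition(":")
        if not sep or line.startswith("#"):            # skip blanks and comments
            continue
        if value.startswith(":"):                      # "attr:: <base64 value>"
            value = base64.b64decode(value[1:].strip()).decode("utf-8", "replace")
        entry.setdefault(attr.lower(), []).append(value.strip())
    return entry

def samba_readiness(entry):
    """Return a list of problems; empty means both sides are present."""
    classes = {c.lower() for c in entry.get("objectclass", [])}
    problems = []
    for oc, attrs in REQUIRED.items():
        if oc.lower() not in classes:
            problems.append(f"objectClass {oc} missing")
            continue
        problems += [f"{oc}: {a} missing" for a in attrs if not entry.get(a.lower())]
    return problems
```

Feed it the text of a single entry from ldapsearch output; an account that only has the POSIX side comes back with `objectClass sambaSamAccount missing`.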