Yes smbpasswd -w is for user/group/domain information.
net idmap secret alloc is specifically for the idmap part of the directory. IMO if there is no idmap password set, it should fall back to the global ldap dn/password. On Mon, 7 Sep 2009 08:35:20 +0200, "Zeller, Jan" <jan.zel...@id.unibe.ch> wrote: > thank you ! But what's "net idmap secret alloc <password>" ? > Is it different from "smbpasswd -w" ? > > "man net" says : > Store a secret for the specified domain, used primarily for domains that > use idmap_ldap as a backend. In this case the secret is used as the > password for the user DN used to bind to the ldap server. > > hmmm... > >> -----Ursprüngliche Nachricht----- >> Von: David Markey [mailto:dmar...@dodds.dmarkey.com] >> Gesendet: Montag, 7. September 2009 00:53 >> An: Zeller, Jan >> Cc: samba@lists.samba.org >> Betreff: Re: [Samba] "net sam provision" and samba 3.4.0 >> >> >> These are the settings i use: >> [global] >> workgroup = TESTDOM >> encrypt passwords = true >> passdb backend = ldapsam:ldapi:/// >> domain logons = yes >> ldapsam:trusted=yes >> ldapsam:editposix=yes >> restrict anonymous = 0 >> log level = 10 >> log file = /var/log/samba >> ldap admin dn = cn=admin,dc=samba,dc=org >> ldap delete dn = yes >> ldap passwd sync = yes >> ldap group suffix = ou=groups >> ldap machine suffix = ou=computers >> ldap user suffix = ou=users >> ldap suffix = dc=samba,dc=org >> ldap ssl = off >> logon path = >> template homedir = /home/%U >> template shell = /bin/bash >> idmap backend = ldap:ldapi:/// >> idmap uid = 1000000-1999999 >> idmap gid = 1000000-1999999 >> idmap alloc backend = ldap >> idmap alloc config : ldap_url = ldapi:/// >> idmap alloc config : ldap_base_dn = ou=idmap,dc=samba,dc=org >> idmap alloc config : ldap_user_dn = cn=admin,dc=samba,dc=org >> >> >> Don't forget net idmap secret alloc "password" -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
